mailing list archives
RE: Faking OS fingerprinting in Windows
From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Tue, 14 Jun 2005 13:37:21 +0100
This device may be port forwarding port 80 to a w2k server(?)
Hence it may be the device it nmap says it is.
From: Christian Wendell Gueco [mailto:velox () consultant com]
Sent: 13 June 2005 05:49
To: security-basics () securityfocus com
Subject: Faking OS fingerprinting in Windows
While doing an OS fingerprint to a client using nmap, the system was
fingerprinted to :
Panasonic IP Technology Broadband Networking Gateway, KX-HGW200
I am assuming that this results are caused by a IP stack manipulation
tool of some sort running on a Windows platform since this server has an
ASP website hosted. I would like to ask on any tools that runs on
Windows that can perform such a task. I have research such tools but all
of them run on Linux systems.
Another thing to assume, is it possible that a device prior to the
server (i.e. inline IDS or firewall) is capable of manipulation the IP
Personality (i.e. its header values incl TCP) to mislead any OS
fingerprinting mechanism. Are there such features on opensource and
Any information is gladly appreciated. Thanks!
Sign-up for Ads Free at Mail.com