mailing list archives
Re: Faking OS fingerprinting in Windows
From: Information Services <info () pcsage biz>
Date: Tue, 14 Jun 2005 10:52:25 -0400
If nmap has returned this device type, perhaps it's being used for
its intent and is port forwarding to the IIS server that is hosting
the .asp application you mention.
Measure twice cut once.
On 13-Jun-05, at 12:48 AM, Christian Wendell Gueco wrote:
While doing an OS fingerprint to a client using nmap, the system
was fingerprinted to :
Panasonic IP Technology Broadband Networking Gateway, KX-HGW200
I am assuming that this results are caused by a IP stack
manipulation tool of some sort running on a Windows platform since
this server has an ASP website hosted. I would like to ask on any
tools that runs on Windows that can perform such a task. I have
research such tools but all of them run on Linux systems.
Another thing to assume, is it possible that a device prior to the
server (i.e. inline IDS or firewall) is capable of manipulation the
IP Personality (i.e. its header values incl TCP) to mislead any OS
fingerprinting mechanism. Are there such features on opensource and
Any information is gladly appreciated. Thanks!
Sign-up for Ads Free at Mail.com