Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Fingerprint for SCO Unixware 7

Fingerprint for SCO Unixware 7

From: Noah Romer <klevin_at_eskimo.com>
Date: Wed, 16 Dec 1998 19:04:06 -0800 (PST)

SCO UnixWare 7 (support level 7.0.0t)

TCP Sequence Prediction: Class=random positive increments
                         Difficulty=596951 (Good luck!)
No OS matches for this host. TCP fingerprints:
TSeq(Class=RI%gcd=1%SI=E2255)
TSeq(Class=RI%gcd=1%SI=701D0)
TSeq(Class=RI%gcd=1%SI=91BD7)
T1(Resp=Y%DF=Y%W=60F4%ACK=S++%Flags=AS%Ops=M)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=6041%ACK=O%Flags=A%Ops=)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
PU(Resp=Y%DF=Y%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)

This is from a SYN scan, the standard TCP gets the same (except for the
TSeq bits, but that changes every time the scan is done anyway, not matter
what method's being used)). 

--
Noah Romer              |"Calm down, it's only ones and zeros." - this message
klevin_at_eskimo.com       |brought to you by The Network
PGP key available       |"Time will have its say, it always does." - Celltrex
by finger or email      |from Flying to Valhalla by Charles Pellegrino
Received on Dec 16 1998
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos