|
Penetration Testing
mailing list archives
Re: Fingerprinting Windows O/S based on ports open?
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 21 Oct 2003 15:26:25 -0400 (EDT)
Problem is though, finger printing by open default ports is not always
going to give the answers/OS you might think. Consider a unix system with
samba. Or an admin that has a clue and locks out some of the ports or
closes off un-needed services, or better yet, firewalls the box.
OS fingerprinting is not as plain and claer cut as it was perhaps a few
years ago <if it was even then>. Some of the better work in OS
fingerprinting these days seems to be in the realm of reading packets
returned by various OS's, like ping/traceroute packets and or some of the
settings in tcp packets.
Thanks,
Ron DuFresne
On Tue, 21 Oct 2003, lsi wrote:
Open ports on a W2K default install:
TCP 135
TCP 445
TCP 1025
(1025 is something to do with the task scheduler)
Open ports on a W98SE default install:
TCP 139
Stuart
On 20 Oct 2003 at 14:59, Robert Masse wrote:
Subject: Fingerprinting Windows O/S based on ports open?
Date sent: Mon, 20 Oct 2003 14:59:13 -0400
From: "Robert Masse" <rmasse () gosecure ca>
To: <pen-test () securityfocus com>
Hi
Does anyone have a matrix of TCP/UDP ports open per default install of
Windows (OS focused, not application focused like having tcp 80 for
iis)? I cannot use classic O/S fingerprinting with NMAP nor can I use
passive fingerprinting like P0f....
I need a simple table like:
Win95 Win98 NT4 W2K
ME XP
TCP 133455 y n y
n n y
UDP 1234535 y n
TCP 1543637
TCP 4434565
Etc
Etc
Of course the example I used above is bogus but I am too lazy to type in
all the results. I don't have access to 95, 98, ME etc so I cannot
verify myself.
Any help would be appreciated; I need a list of ports per O/S soon for a
personal project.
Once I have my information, I will post the results.
Thanks
Rob
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_pen-test_031015
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
