Intrusion Detection Systems mailing list archives

Passive Fingerprinting

From: lance () spitzner net (Lance Spitzner)
Date: Sat, 22 Apr 2000 23:49:04 -0500 (CDT)


Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
Passive Fingerprinting is a method of determining
a remote operating system based solely on sniffer
traces.  Though the concept is not new, little has
been documented about it.  To help me in the
analysis of system attacks, I have developed such 
documentation.

I have written a rough draft and a database for
passive fingerprinting.  I am hoping some of the
guru's here could check it out and give me their
suggestions/experiences.  Also, I would appreciate
any signatures to add to the database.  The paper
is a working draft.

Passive Fingerprinting:
http://www.enteract.com/~lspitz/finger.html

Thanks!

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html

Current thread:

Re: [Fwd: [Fwd: Fwd: Emergency...Pls Forward This To Everyone You Know]] cy bear (Apr 13)
- Re: the "please forward to everyone email" walter sulym (Apr 13)
- Passive Mapping: An Offensive Use of IDS Martins, Fernando (Lisbon) (Apr 14)
  - Re: Passive Mapping: An Offensive Use of IDS Ron Gula (Apr 14)
  - Last call for extended abstracts - Raid 2000 - Deadline is April 30th Herve Debar (Apr 18)
  - Last call for extended abstracts - Raid 2000 - Deadline is April 30th Herve Debar (Apr 18)
  - implications of recent legal trends Stuart Staniford-Chen (Apr 18)
    - Re: implications of recent legal trends Shafik Yaghmour (Apr 19)
    - Re: implications of recent legal trends Roelof JT Jonkman (Apr 21)
    - Passive Fingerprinting Lance Spitzner (Apr 22)
- Syslogd whith secure options ? bruno.pradal () free fr (Apr 14)