Revision as of 17:14, 27 July 2014 edit Magioladitis (talk \| contribs) Extended confirmed users, Rollbackers 908,596 edits m →TCP/IP Fingerprint Specifics: Replace unicode entity nbsp for character [NBSP] (or space) per WP:NBSP + other fixes, replaced: → (2) using AWB (10331) ← Previous edit		Revision as of 06:41, 19 April 2015 edit undo AutisticCatnip (talk \| contribs) 306 edits m →Protection against and detecting fingerprinting Next edit →
Line 25: Disallowing TCP/IP fingerprinting provides protection from [[vulnerability scanner]]s looking to target machines running a certain operating system. Fingerprinting facilitates attacks. Blocking those ICMP messages is only one of an array of defenses required for full protection against attacks.<ref>{{cite web\|url=http://seclists.org/pen-test/2007/Sep/0030.html \|title=OS detection not key to penetration \|publisher=Seclists.org \|date= \|accessdate=2011-11-25}}</ref> Targeting the ICMP datagram, an obfuscator running on top of IP in the internet layer acts as a "scrubbing tool" to confuse the TCP/IP fingerprinting data. These exist for [[MS Windows]],<ref>{{cite web\|url=http://www.irongeek.com/i.php?page=security/osfuscate-change-your-windows-os-tcp-ip-fingerprint-to-confuse-p0f-networkminer-ettercap-nmap-and-other-os-detection-tools \|title=OSfuscate \|publisher=Irongeek.com \|date=2008-09-30 \|accessdate=2011-11-25}}</ref> [[Linux]],<ref>{{cite web\|author=Carl-Daniel Hailfinger, carldani@4100XCDT \|url=http://ippersonality.sourceforge.net/ \|title=IPPersonality \|publisher=Ippersonality.sourceforge.net \|date= \|accessdate=2011-11-25}}</ref> and [[FreeBSD]],.<ref>{{cite web\|url=http://www.usenix.org/events/sec00/full_papers/smart/smart_html/index.html \|title=Defeating TCP/IP stack fingerprinting \|publisher=Usenix.org \|date=2002-01-29 \|accessdate=2011-11-25}}</ref> == Fingerprinting tools ==

TCP/IP stack fingerprinting: Difference between revisions