Revision as of 17:20, 16 June 2021 edit Rungspeek (talk \| contribs) 17 edits →Fingerprinting tools ← Previous edit		Revision as of 10:34, 19 September 2021 edit undo DanielPharos (talk \| contribs) Extended confirmed users 8,696 edits m →Protection against and detecting fingerprinting: Improved a link Next edit →
Line 25: Disallowing TCP/IP fingerprinting provides protection from [[vulnerability scanner]]s looking to target machines running a certain operating system. Fingerprinting facilitates attacks. Blocking those ICMP messages is only one of an array of defenses required for full protection against attacks.<ref>{{cite web\|url=http://seclists.org/pen-test/2007/Sep/0030.html \|title=OS detection not key to penetration \|publisher=Seclists.org \|date= \|accessdate=2011-11-25}}</ref> Targeting the ICMP datagram, an obfuscator running on top of IP in the internet layer acts as a "scrubbing tool" to confuse the TCP/IP fingerprinting data. These exist for [[MSMicrosoft Windows]],<ref>{{cite web\|url=http://www.irongeek.com/i.php?page=security/osfuscate-change-your-windows-os-tcp-ip-fingerprint-to-confuse-p0f-networkminer-ettercap-nmap-and-other-os-detection-tools \|title=OSfuscate \|publisher=Irongeek.com \|date=2008-09-30 \|accessdate=2011-11-25}}</ref> [[Linux]]<ref>{{cite web\|author=Carl-Daniel Hailfinger, carldani@4100XCDT \|url=http://ippersonality.sourceforge.net/ \|title=IPPersonality \|publisher=Ippersonality.sourceforge.net \|date= \|accessdate=2011-11-25}}</ref> and [[FreeBSD]].<ref>{{cite web\|url=http://www.usenix.org/events/sec00/full_papers/smart/smart_html/index.html \|title=Defeating TCP/IP stack fingerprinting \|publisher=Usenix.org \|date=2002-01-29 \|accessdate=2011-11-25}}</ref> == Fingerprinting tools ==

TCP/IP stack fingerprinting: Difference between revisions