Wikipedia

TCP/IP stack fingerprinting

This is an old revision of this page, as edited by Kr4d (talk | contribs) at 09:40, 24 August 2006 (Trivial URL fix (moved)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

TCP/IP stack fingerprinting (or OS fingerprinting) is the process in computing of determining the identity of a remote host's operating system by analyzing packets from that host.

There are two different types, active and passive. Passive OS fingerprinting identifies the remote operating system with packets that are received, without sending any packets. Active OS fingerprinting, by contrast, sends packets and waits for a response (or lack of one). Active OS fingerprinting sometimes sends strange packets, because different implementations respond differently to such errors.

Nmap is a tool that performs TCP/IP stack fingerprinting.


 

This computer networking article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=TCP/IP_stack_fingerprinting&oldid=71565156"