Common Attack Pattern Enumeration and Classification
A Community Resource for Identifying and Understanding Attacks
An attacker engages in TCP stack fingerprinting techniques to determine the type and version of operating systems on the network. TCP Fingerprinting involves manipulating portions of the TCP header or other characteristics in order to elicit a unique and identifiable response from an operating system. This response is compared against a database of known operating system fingerprints and a guess about the operating system type and version is made.
Target Attack Surface Description
Targeted OSI Layers: Network Layer Transport Layer Application Layer
Target Attack Surface Localities
Target Attack Surface Types: Host Service
Target Functional Services
[R.315.1] [REF-20] Stuart McClure, Joel Scambray and George Kurtz. "Hacking Exposed: Network Security Secrets & Solutions". Chapter 2: Scanning, pg. 56. 6th Edition. McGraw Hill. 2009.
[R.315.2] [REF-21] Defense Advanced Research Projects Agency Information Processing Techniques Office and Information Sciences Institute University of Southern California. "RFC793 - Transmission Control Protocol". Defense Advanced Research Projects Agency (DARPA). September 1981. <http://www.faqs.org/rfcs/rfc793.html>.
[R.315.3] [REF-22] Gordon "Fyodor" Lyon. "Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning". Chapter 8. Remote OS Detection. 3rd "Zero Day" Edition,. Insecure.com LLC. 2008.
More information is available — Please select a different filter.