2. System analysis
Port scanning is currently the most accurate technique for identifying the operating system behind an IP address, and the network services it offers. The problem with portscanning is that the machine being scanned may be behind a firewall, or it may itself be tracing connection attempts made on its ports.
The most famous port-scanning tool, nmap, developed by Fyodor, brings together several techniques based on deviations in TCP/IP protocol behavior to bypass protection systems or detect port status without being traced (logged) by the target machine or firewall on the network path.
What's more, once a machine has been scanned, this still doesn't indicate its operating system, or even its version. nmap also offers a technique known as TCP fingerprinting, enabling this information to be obtained solely on the basis of the network behavior...
The Ultimate Scientific and Technical Reference
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
System analysis
Conclusion
Bibliography
Reference
- (1) - KLAUS (C.) - Stealth Scanning. Bypassing Firewalls/SATAN Detectors - . Déc. 1995. http://web.textfiles.com/hacking/passivep.txt
- (2) - - Traduction...
Organizations
Internet Assigned Numbers Authority (IANA) http://www.iana.org
Internet Engineering Task Force (IETF) http://www.ietf.org
The Ultimate Scientific and Technical Reference
