Rayanaddad
Hello,
I currently have an assignment related to OS fingerprinting.
The goal is to identify a machine, Android, Apple, Windows for example, by analyzing the traffic of a certain network.
Each machine is known to use specific values for certain fields of a packet, for example TTL.
Can anyone enlighten me on the subject?
Thank you,
Rayan
Stygmata
Hamra
nmap is a free open source *nix tool that can do this fingerprinting amongst other things.
Check out their source code. They have a file where they store all the common fingerprints, look for it, and check it out.
nuclearcat
rolf
nmap is the tool you want. It does it automatically.
If the requirement of your assignment is to explain or write the code yourself, then you're going to have to do research. Maybe you can try to find documentation about how nmap does it. I know for one thing that when the browser connects to a server, it gives a user string, by default containing info about the OS. But if you are probing machines, then you can't cause them to do that, so you have to do other things, such as probing for open ports. Windows machines will have some ports open, I think for SMB. Various details about how machines respond can give off clues about the OS. Firewalls make it more difficult. Here again for more precise info you will have to research.
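
An added example, not part of any post in this thread: a passive TTL check of the kind the first post describes. It parses a raw IPv4 header, rounds the observed TTL up to the nearest common initial value (64, 128 or 255) and reports an OS family guess; the sample headers, addresses and function names are constructed for illustration.

```python
import socket
import struct

# Common default initial TTLs. Hosts can be reconfigured, so this is a hint, not proof.
INITIAL_TTL_FAMILY = {
    64: "Linux/Android/macOS/iOS",
    128: "Windows",
    255: "network device or older Unix",
}

def parse_ipv4(packet: bytes):
    """Return (source address, TTL) from a raw IPv4 header after basic validation."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, ttl, _, _, src, _ = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not a valid IPv4 header")
    return socket.inet_ntoa(src), ttl

def guess_from_ttl(observed_ttl: int):
    """Round the observed TTL up to the nearest common initial value.

    Each router decrements TTL by one, so initial - observed estimates the hop
    count. A sender more than 64 hops away that started at 128 would be
    misread as starting at 64.
    """
    for initial in sorted(INITIAL_TTL_FAMILY):
        if observed_ttl <= initial:
            return initial, initial - observed_ttl, INITIAL_TTL_FAMILY[initial]
    raise ValueError("TTL does not fit in one byte")

def fingerprint(packet: bytes):
    src, ttl = parse_ipv4(packet)
    initial, hops, family = guess_from_ttl(ttl)
    return {"src": src, "ttl": ttl, "initial_ttl": initial, "hops": hops, "guess": family}

def sample_header(src: str, ttl: int) -> bytes:
    """Constructed 20-byte IPv4 header (checksum left at 0) used as sample input."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, ttl, 6, 0,
                       socket.inet_aton(src), socket.inet_aton("192.0.2.1"))

if __name__ == "__main__":
    # Constructed captures: TTL alone cannot separate Android from Apple devices,
    # so real tools combine it with other header fields.
    for src, ttl in [("192.0.2.10", 125), ("192.0.2.20", 62), ("192.0.2.30", 254)]:
        print(fingerprint(sample_header(src, ttl)))
```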