SlideShare a Scribd company logo

Device finger printing

Download as PPTX, PDF
M
Mohammed Muzzamil

I have done this presentation for my self study seminar in my mtech

Technology
1 of 10
By Mohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
 Basically finger print generally is the finger impression of humans to identify the individuals
 Device finger print is to identify the individual devices  It is a compact summary of software and hardware settings collected from a remote computing device  It is also called machine finger print
 Passive:  TCP/IP configuration  OS finger print  Hardware clock skew  OSI layer based
 Active:  Invasive querying by the installation of executable codes on client machines  Helps in finding the MAC address or unique serial numbers assigned to the device
one may infer client configuration parameters with the help of layers  OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP  OSI Layer 5: SNMP, NetBIOS  OSI Layer 4: TCP, UDP  OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11  OSI Layer 2: SMB, CDP[9]
 Different operating systems, and different versions of the same operating system, set different defaults for these values  Initial packet size (16 bits)  Initial TTL (8 bits)  Window size (16 bits)  Max segment size (16 bits)  Window scaling value (8 bits)  "don't fragment" flag (1 bit)  "sackOK" flag (1 bit)  "nop" flag (1 bit)  The values may be combined to form a 67-bit signature, or fingerprint, for the target machine  With the help of the TTL and widow scaling we can find the OS
 Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to:  capture raw packets live from the wire.  save captured packets to an offline file, and read captured packets from an offline file.  automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).  Filter the packets according to user-specified rules before dispatching them to the application.  send raw packets to the network
 Version  IP Header Length  Size of Datagram  Identification ( 16-bit number, together with the source address uniquely identifies this packet)  Flags (a sequence of three flags (one of the 4 bits is unused))  Fragmentation Offset  Time To Live (Number of hops /links which the packet may be routed over)  Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP).  Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network)  Source Address (the IP address of the original sender of the packet)  Destination Address (the IP address of the final destination of the packet)  Options (when used, the IP header length will be greater than five 32-bit words)
 OSI model  TCP/IP finger printing  OS fingerprinting  Grouping all this we will get a strong signature or the device finger print

Recommended

Firewall Facts
Firewall FactsFirewall Facts
Firewall Facts
DAVID RAUDALES
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BU
Rahul Singh
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
Mohammed Farrah
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
Kunal Thakur
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
IPV6
IPV6IPV6
IPV6
Naza hamed Jan
 
PACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATIONPACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATION
Goutham Royal
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
guestfa1226
 

Recommended

Firewall Facts
Firewall FactsFirewall Facts
Firewall Facts
DAVID RAUDALES
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BU
Rahul Singh
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
Mohammed Farrah
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
Kunal Thakur
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
IPV6
IPV6IPV6
IPV6
Naza hamed Jan
 
PACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATIONPACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATION
Goutham Royal
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
guestfa1226
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
guestd05b31
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
Chaman Poorani
 
T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
Pramod Sana
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network security
Chippy Thomas
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Olli-Pekka Niemi
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
Basaveswar Kureti
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking Command
Akhil Nadh PC
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
Kit Ramsey
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
Sourav Roy
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
Piyush Mittal
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with Wireshark
Jim Gilsinn
 
Wireshark
WiresharkWireshark
Wireshark
btohara
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
myrajendra
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
robertoxe
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
Techvilla
 
0
00
0
ใอร่'ลุ๊ขตาล เดก'อินโนเซ้นท์'
 
เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1
ใอร่'ลุ๊ขตาล เดก'อินโนเซ้นท์'
 
Socket Programming w/ C# - IK
Socket Programming w/ C# - IKSocket Programming w/ C# - IK
Socket Programming w/ C# - IK
Ilgın Kavaklıoğulları
 
Np3
Np3Np3
Np3
Juan Manuel Sifuentes
 
R&M_Introduction
R&M_IntroductionR&M_Introduction
R&M_Introduction
Zsolt Rózsai
 
VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
Renee Chapline
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
mrhennings
 

More Related Content

What's hot

T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
Pramod Sana
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
Kit Ramsey
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
Sourav Roy
 
Wireshark
WiresharkWireshark
Wireshark
btohara
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
robertoxe
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
Techvilla
 

What's hot (19)

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network security
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking Command
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
 
0
00
0
 
เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1
 
Socket Programming w/ C# - IK
Socket Programming w/ C# - IKSocket Programming w/ C# - IK
Socket Programming w/ C# - IK
 
Np3
Np3Np3
Np3
 

Viewers also liked

VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
Renee Chapline
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
mrhennings
 
Share Market
Share MarketShare Market
Share Market
ashtle
 

Viewers also liked (6)

R&M_Introduction
R&M_IntroductionR&M_Introduction
R&M_Introduction
 
VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
 
Share Market
Share MarketShare Market
Share Market
 
Industrial Electronic Equipments Case Study
Industrial Electronic Equipments Case StudyIndustrial Electronic Equipments Case Study
Industrial Electronic Equipments Case Study
 
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
 

Similar to Device finger printing

Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse game
Jaime Sánchez
 
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
eyebolloptics
 
Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)
Anil Madhavapeddy
 
Networking question
Networking questionNetworking question
Networking question
DEVBEJ
 
07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt
ssuserf7cd2b
 

Similar to Device finger printing (20)

Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse game
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheet
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
 
an_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.pptan_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.ppt
 
Nmap & Network sniffing
Nmap & Network sniffingNmap & Network sniffing
Nmap & Network sniffing
 
Linuxnetworkingcommands
LinuxnetworkingcommandsLinuxnetworkingcommands
Linuxnetworkingcommands
 
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
 
Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)
 
Networking question
Networking questionNetworking question
Networking question
 
07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
ICMPV4
ICMPV4ICMPV4
ICMPV4
 
Basic networking
Basic networkingBasic networking
Basic networking
 
6
66
6
 
Network Layer & Transport Layer
Network Layer & Transport LayerNetwork Layer & Transport Layer
Network Layer & Transport Layer
 
IDS_WK_Arsalan.pptx
IDS_WK_Arsalan.pptxIDS_WK_Arsalan.pptx
IDS_WK_Arsalan.pptx
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdf
 
Ospf routing protocol in gns3
Ospf routing protocol in gns3Ospf routing protocol in gns3
Ospf routing protocol in gns3
 
Internet Protocol
Internet ProtocolInternet Protocol
Internet Protocol
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 

Device finger printing

  • 1. By Mohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
  • 2. Basically finger print generally is the finger impression of humans to identify the individuals
  • 3. Device finger print is to identify the individual devices  It is a compact summary of software and hardware settings collected from a remote computing device  It is also called machine finger print
  • 4. Passive:  TCP/IP configuration  OS finger print  Hardware clock skew  OSI layer based
  • 5. Active:  Invasive querying by the installation of executable codes on client machines  Helps in finding the MAC address or unique serial numbers assigned to the device
  • 6. one may infer client configuration parameters with the help of layers  OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP  OSI Layer 5: SNMP, NetBIOS  OSI Layer 4: TCP, UDP  OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11  OSI Layer 2: SMB, CDP[9]
  • 7. Different operating systems, and different versions of the same operating system, set different defaults for these values  Initial packet size (16 bits)  Initial TTL (8 bits)  Window size (16 bits)  Max segment size (16 bits)  Window scaling value (8 bits)  "don't fragment" flag (1 bit)  "sackOK" flag (1 bit)  "nop" flag (1 bit)  The values may be combined to form a 67-bit signature, or fingerprint, for the target machine  With the help of the TTL and widow scaling we can find the OS
  • 8. Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to:  capture raw packets live from the wire.  save captured packets to an offline file, and read captured packets from an offline file.  automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).  Filter the packets according to user-specified rules before dispatching them to the application.  send raw packets to the network
  • 9. Version  IP Header Length  Size of Datagram  Identification ( 16-bit number, together with the source address uniquely identifies this packet)  Flags (a sequence of three flags (one of the 4 bits is unused))  Fragmentation Offset  Time To Live (Number of hops /links which the packet may be routed over)  Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP).  Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network)  Source Address (the IP address of the original sender of the packet)  Destination Address (the IP address of the final destination of the packet)  Options (when used, the IP header length will be greater than five 32-bit words)
  • 10. OSI model  TCP/IP finger printing  OS fingerprinting  Grouping all this we will get a strong signature or the device finger print