SlideShare a Scribd company logo

Device finger printing

Download as PPTX, PDF
M
Mohammed Muzzamil

I have done this presentation for my self study seminar in my mtech

Technology
1 of 10
By Mohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
 Basically finger print generally is the finger impression of humans to identify the individuals
 Device finger print is to identify the individual devices  It is a compact summary of software and hardware settings collected from a remote computing device  It is also called machine finger print
 Passive:  TCP/IP configuration  OS finger print  Hardware clock skew  OSI layer based
 Active:  Invasive querying by the installation of executable codes on client machines  Helps in finding the MAC address or unique serial numbers assigned to the device
one may infer client configuration parameters with the help of layers  OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP  OSI Layer 5: SNMP, NetBIOS  OSI Layer 4: TCP, UDP  OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11  OSI Layer 2: SMB, CDP[9]
 Different operating systems, and different versions of the same operating system, set different defaults for these values  Initial packet size (16 bits)  Initial TTL (8 bits)  Window size (16 bits)  Max segment size (16 bits)  Window scaling value (8 bits)  "don't fragment" flag (1 bit)  "sackOK" flag (1 bit)  "nop" flag (1 bit)  The values may be combined to form a 67-bit signature, or fingerprint, for the target machine  With the help of the TTL and widow scaling we can find the OS
 Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to:  capture raw packets live from the wire.  save captured packets to an offline file, and read captured packets from an offline file.  automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).  Filter the packets according to user-specified rules before dispatching them to the application.  send raw packets to the network
 Version  IP Header Length  Size of Datagram  Identification ( 16-bit number, together with the source address uniquely identifies this packet)  Flags (a sequence of three flags (one of the 4 bits is unused))  Fragmentation Offset  Time To Live (Number of hops /links which the packet may be routed over)  Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP).  Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network)  Source Address (the IP address of the original sender of the packet)  Destination Address (the IP address of the final destination of the packet)  Options (when used, the IP header length will be greater than five 32-bit words)
 OSI model  TCP/IP finger printing  OS fingerprinting  Grouping all this we will get a strong signature or the device finger print

Recommended

Firewall Facts
Firewall FactsFirewall Facts
Firewall Facts
DAVID RAUDALES
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BU
Rahul Singh
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
Mohammed Farrah
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
Kunal Thakur
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
IPV6
IPV6IPV6
IPV6
Naza hamed Jan
 
PACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATIONPACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATION
Goutham Royal
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
guestfa1226
 

Recommended

Firewall Facts
Firewall FactsFirewall Facts
Firewall Facts
DAVID RAUDALES
 
ipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BUipv6 presentation by Rahul uit BU
ipv6 presentation by Rahul uit BU
Rahul Singh
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
Mohammed Farrah
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
Kunal Thakur
 
Packet sniffing in switched LANs
Packet sniffing in switched LANsPacket sniffing in switched LANs
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
IPV6
IPV6IPV6
IPV6
Naza hamed Jan
 
PACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATIONPACKET Sniffer IMPLEMENTATION
PACKET Sniffer IMPLEMENTATION
Goutham Royal
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
guestfa1226
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
guestd05b31
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
Chaman Poorani
 
T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
Pramod Sana
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network security
Chippy Thomas
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Olli-Pekka Niemi
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
Basaveswar Kureti
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking Command
Akhil Nadh PC
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
Kit Ramsey
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
Sourav Roy
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
Piyush Mittal
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with Wireshark
Jim Gilsinn
 
Wireshark
WiresharkWireshark
Wireshark
btohara
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
myrajendra
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
robertoxe
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
Techvilla
 
0
00
0
ใอร่'ลุ๊ขตาล เดก'อินโนเซ้นท์'
 
เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1
ใอร่'ลุ๊ขตาล เดก'อินโนเซ้นท์'
 
Socket Programming w/ C# - IK
Socket Programming w/ C# - IKSocket Programming w/ C# - IK
Socket Programming w/ C# - IK
Ilgın Kavaklıoğulları
 
Np3
Np3Np3
Np3
Juan Manuel Sifuentes
 
R&M_Introduction
R&M_IntroductionR&M_Introduction
R&M_Introduction
Zsolt Rózsai
 
VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
Renee Chapline
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
mrhennings
 

More Related Content

What's hot

T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
Pramod Sana
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
Kit Ramsey
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
Sourav Roy
 
Wireshark
WiresharkWireshark
Wireshark
btohara
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
robertoxe
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
Techvilla
 

What's hot (19)

Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
T2 7 Chappell Network Forensics
T2 7 Chappell Network ForensicsT2 7 Chappell Network Forensics
T2 7 Chappell Network Forensics
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network security
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Linux Basic Networking Command
Linux Basic Networking CommandLinux Basic Networking Command
Linux Basic Networking Command
 
Intro tcpip-part1
Intro tcpip-part1Intro tcpip-part1
Intro tcpip-part1
 
Network Protocol Analyzer
Network Protocol AnalyzerNetwork Protocol Analyzer
Network Protocol Analyzer
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Ports & sockets
Ports & sockets Ports & sockets
Ports & sockets
 
Chapter2ccna
Chapter2ccnaChapter2ccna
Chapter2ccna
 
Raspberry pi Part 22
Raspberry pi Part 22Raspberry pi Part 22
Raspberry pi Part 22
 
0
00
0
 
เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1เคร อข ายคอมพ_วเตอร_ 1
เคร อข ายคอมพ_วเตอร_ 1
 
Socket Programming w/ C# - IK
Socket Programming w/ C# - IKSocket Programming w/ C# - IK
Socket Programming w/ C# - IK
 
Np3
Np3Np3
Np3
 

Viewers also liked

VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
Renee Chapline
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
mrhennings
 
Share Market
Share MarketShare Market
Share Market
ashtle
 

Viewers also liked (6)

R&M_Introduction
R&M_IntroductionR&M_Introduction
R&M_Introduction
 
VGR 2015 Annual Report
VGR 2015 Annual ReportVGR 2015 Annual Report
VGR 2015 Annual Report
 
Unit 1 Basics Of Marketing
Unit 1 Basics Of MarketingUnit 1 Basics Of Marketing
Unit 1 Basics Of Marketing
 
Share Market
Share MarketShare Market
Share Market
 
Industrial Electronic Equipments Case Study
Industrial Electronic Equipments Case StudyIndustrial Electronic Equipments Case Study
Industrial Electronic Equipments Case Study
 
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
Teaching via social networks(SOCIAL MEDIA FOR EDUCATION)
 

Similar to Device finger printing

Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse game
Jaime Sánchez
 
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
eyebolloptics
 
Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)
Anil Madhavapeddy
 
Networking question
Networking questionNetworking question
Networking question
DEVBEJ
 
07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt
ssuserf7cd2b
 

Similar to Device finger printing (20)

Derevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse gameDerevolutionizing OS Fingerprinting: The cat and mouse game
Derevolutionizing OS Fingerprinting: The cat and mouse game
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheet
 
OS Fingerprinting
OS FingerprintingOS Fingerprinting
OS Fingerprinting
 
an_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.pptan_introduction_to_network_analyzers_new.ppt
an_introduction_to_network_analyzers_new.ppt
 
Nmap & Network sniffing
Nmap & Network sniffingNmap & Network sniffing
Nmap & Network sniffing
 
Linuxnetworkingcommands
LinuxnetworkingcommandsLinuxnetworkingcommands
Linuxnetworkingcommands
 
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
1)Please explain the commands ifconfig, ping, traceroute, netstat, d.pdf
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
 
Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)Mirage: ML kernels in the cloud (ML Workshop 2010)
Mirage: ML kernels in the cloud (ML Workshop 2010)
 
Networking question
Networking questionNetworking question
Networking question
 
07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt07 - TCP_IP and the DoD Model.ppt
07 - TCP_IP and the DoD Model.ppt
 
Network Layer
Network LayerNetwork Layer
Network Layer
 
ICMPV4
ICMPV4ICMPV4
ICMPV4
 
Basic networking
Basic networkingBasic networking
Basic networking
 
6
66
6
 
Network Layer & Transport Layer
Network Layer & Transport LayerNetwork Layer & Transport Layer
Network Layer & Transport Layer
 
IDS_WK_Arsalan.pptx
IDS_WK_Arsalan.pptxIDS_WK_Arsalan.pptx
IDS_WK_Arsalan.pptx
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdf
 
Ospf routing protocol in gns3
Ospf routing protocol in gns3Ospf routing protocol in gns3
Ospf routing protocol in gns3
 
Internet Protocol
Internet ProtocolInternet Protocol
Internet Protocol
 

Recently uploaded

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

Device finger printing

  • 1. By Mohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
  • 2. Basically finger print generally is the finger impression of humans to identify the individuals
  • 3. Device finger print is to identify the individual devices  It is a compact summary of software and hardware settings collected from a remote computing device  It is also called machine finger print
  • 4. Passive:  TCP/IP configuration  OS finger print  Hardware clock skew  OSI layer based
  • 5. Active:  Invasive querying by the installation of executable codes on client machines  Helps in finding the MAC address or unique serial numbers assigned to the device
  • 6. one may infer client configuration parameters with the help of layers  OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP  OSI Layer 5: SNMP, NetBIOS  OSI Layer 4: TCP, UDP  OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11  OSI Layer 2: SMB, CDP[9]
  • 7. Different operating systems, and different versions of the same operating system, set different defaults for these values  Initial packet size (16 bits)  Initial TTL (8 bits)  Window size (16 bits)  Max segment size (16 bits)  Window scaling value (8 bits)  "don't fragment" flag (1 bit)  "sackOK" flag (1 bit)  "nop" flag (1 bit)  The values may be combined to form a 67-bit signature, or fingerprint, for the target machine  With the help of the TTL and widow scaling we can find the OS
  • 8. Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to:  capture raw packets live from the wire.  save captured packets to an offline file, and read captured packets from an offline file.  automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).  Filter the packets according to user-specified rules before dispatching them to the application.  send raw packets to the network
  • 9. Version  IP Header Length  Size of Datagram  Identification ( 16-bit number, together with the source address uniquely identifies this packet)  Flags (a sequence of three flags (one of the 4 bits is unused))  Fragmentation Offset  Time To Live (Number of hops /links which the packet may be routed over)  Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP).  Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network)  Source Address (the IP address of the original sender of the packet)  Destination Address (the IP address of the final destination of the packet)  Options (when used, the IP header length will be greater than five 32-bit words)
  • 10. OSI model  TCP/IP finger printing  OS fingerprinting  Grouping all this we will get a strong signature or the device finger print