Prev: Mobile connection
Next: web-based gmail problems.
From: annalissa on 24 Jul 2010 03:07
Hi all,

Windows Os uses letters to fill out a payload, and linux uses
numbers, so we can tailor our search to see what OS certain pings are
coming from using ngrep isn't it ?


ex:- ngrep -qpd eth0 'abcd' icmp
ngrep -qdp eth0 '1234' icmp

in a similar way how can i take the o/p of a ping broadcast command
( ping -b 192.168.0.255) and identify which OS is in a particular
Host ?

I have seen the TTL method given here :-
http://rahulhackingarticles.wetpaint.com/page/Remote+operating+system+detection

how correct is this or is there any other reliable way for O.S
identification vi ping command
From: Pascal Hambourg on 24 Jul 2010 04:57
Hello,

annalissa a �crit :
>
> Windows Os uses letters to fill out a payload, and linux uses
> numbers, so we can tailor our search to see what OS certain pings are
> coming from using ngrep isn't it ?
>
>
> ex:- ngrep -qpd eth0 'abcd' icmp
> ngrep -qdp eth0 '1234' icmp

Why not simply use the OS fingerprinting function in nmap ?

> in a similar way how can i take the o/p of a ping broadcast command
> ( ping -b 192.168.0.255) and identify which OS is in a particular
> Host ?

Note that "recent" version of Windows and Linux don't reply to ping
broadcast by default.
From: Rahul on 27 Jul 2010 19:24
Pascal Hambourg <boite-a-spam(a)plouf.fr.eu.org> wrote in news:i2e9su$gq$2
@saria.nerim.net:

> Note that "recent" version of Windows and Linux don't reply to ping
> broadcast by default.

Try going to the Network->Firewall and then Turn on the "Respond to echos"
under ICMP options.


--
Rahul
 | 
Pages: 1
Prev: Mobile connection
Next: web-based gmail problems.