[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Recognizing the Type of a Remote OS



Stanislav Malyshev a.k.a Frodo wrote:

> Well, if such a method exist (recoginising OS version by TCP traffic or
> any other way), it would be significant security breach in said systems.
> Think of "look on version -> search exploit database -> apply exploits ->
> repeat as needed -> get interview on BBC as 'most sophisticated hacker of
> the century' and 'the crusher of Pentagon and NSA'".

But even when you don't know the type of the OS, you can still try
the security holes of the various OSes in a loop; It will take
more time, but you will break the host.
Anyway, you can guess that *I* need it for another purpose...

>  Well, as for distinguishing UNIX from NT - most UNIX systems run telnet
> daemon (though many reject connections), while most NT systems do not.
                 ^^^^                            ^^^^
Most of the UNIXes reject connections (internally and/or in their
router and/or in their firewall), while NT 5.0 is said to include
telnet more natively than past releases. So you cannot distinguish
UNIX and NT according to this test.

Thanks anyway,
-- 
Eli Marmor