A banner is simply the text embedded in a message received from a host.
This text usually includes signatures of the applications that issued the message, so the applications reveal themselves to us.
For more information about ethical hacking log on to http://www.arizonainfotech.com/
3. What is Banner Grabbing?
Banner grabbing is a technique used by hackers to extract information about a host. If successful, it can identify the operating system, web server and other applications running on the target host.
4. Banner grabbing and operating system identification, which can also be defined as fingerprinting the TCP/IP stack, is the fourth step in the CEH scanning methodology.
The process of fingerprinting allows the hacker to identify particularly vulnerable or high-value targets on the network. Hackers are looking for the easiest way to gain access to a system or network.
Banner grabbing is the process of opening a connection and reading the banner or response sent by the application.
5. Many email, FTP, and web servers will respond to a telnet connection with the name and version of the software.
This aids a hacker in fingerprinting the OS and application software. For example, a Microsoft Exchange email server would only be installed on a Windows OS.
There are two types of OS fingerprinting:
1. Active
2. Passive
6. 1. ACTIVE STACK FINGERPRINTING
Active stack fingerprinting is the most common form of fingerprinting. It involves sending data to a system to see how the system responds.
7. It's based on the fact that various operating system vendors implement the TCP stack differently, and responses will differ based on the operating system. The responses are then compared to a database to determine the operating system.
Active stack fingerprinting is detectable because it repeatedly attempts to connect with the same target system.
8. 2. PASSIVE STACK FINGERPRINTING
Passive stack fingerprinting is stealthier and involves examining network traffic to determine the operating system. It uses sniffing techniques instead of scanning techniques.
Passive stack fingerprinting usually goes undetected by an IDS or other security system but is less accurate than active fingerprinting.
9. HOW IS IT DONE?
It can be done using tools like:
Telnet
Nmap
ID Serve
GET requests
Netcraft
… and many more tools can be used to pull this off.
For OS and web server detection, we can grab the HTTP banner.
10. IMPACT
Hackers grab banners all the time. Although IPs can be logged, hackers usually hide their real IP before grabbing.
If they are successful in grabbing a few banners, they can then use this information to find applications that are weak or have a security flaw.
11. IMPACT (cont.)
Attackers then focus on exploits that are targeted to the services that you are running.
There are hundreds of services that can be queried for banners and, more often than not, a few have flaws or are simply old versions.
12. REMEDY
This technique reveals critical information that can be devastating.
To get rid of this, first you need to thoroughly analyze what information is leaked.
13. REMEDY (cont.)
• Set up your services properly. Default settings are always insecure.
• Read the documentation and turn off all the features that are unnecessary.
• Turn off services that you don't need, such as telnet.
• Hide file extensions from web pages.
• Disable or change the banner.
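One way to carry out the first remedy step, analyzing what information is leaked, is to parse the banners your own services return and list the product versions and OS hints they contain. This is an added example, not part of the original slides; the sample banners are constructed, and the names `banner_text`, `audit_banner`, `DISCLOSING_HEADERS` and `OS_HINTS` are assumptions chosen for illustration.

```python
import re

# Constructed sample banners for illustration; not captured from any real host.
SAMPLE_BANNERS = {
    "http": "HTTP/1.1 200 OK\r\nServer: Apache/2.4.41 (Ubuntu)\r\nX-Powered-By: PHP/7.4.3\r\n\r\n",
    "http_hardened": "HTTP/1.1 200 OK\r\nServer: webserver\r\n\r\n",
    "smtp": "220 mail.example.test ESMTP Postfix\r\n",
    "ftp": "220 (vsFTPd 3.0.3)\r\n",
    "ssh": "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5\r\n",
}

# HTTP response headers that commonly name the software behind a site.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
# A product name followed by a dotted version: "Apache/2.4.41", "vsFTPd 3.0.3".
PRODUCT_VERSION = re.compile(r"([A-Za-z][\w.+-]*)[/_ ]v?(\d+(?:\.\d+)+[\w.-]*)")
# Substrings that give away the operating system (a short, non-exhaustive list).
OS_HINTS = ("ubuntu", "debian", "centos", "red hat", "windows", "win32", "win64", "freebsd")


def banner_text(raw):
    """Return only the part of a banner that describes software."""
    if raw.startswith("HTTP/"):
        # Skip the status line and keep the values of disclosing headers only.
        fields = (line.split(":", 1) for line in raw.split("\r\n")[1:] if ":" in line)
        return " ".join(v.strip() for k, v in fields if k.strip().lower() in DISCLOSING_HEADERS)
    if raw.startswith("SSH-"):
        # Identification string is "SSH-<protoversion>-<software> <comments>".
        return raw.strip().split("-", 2)[-1]
    return raw.strip()


def audit_banner(raw):
    """Report what one banner discloses: product/version pairs and OS hints."""
    text = banner_text(raw)
    return {
        "versions": PRODUCT_VERSION.findall(text),
        "os_hints": [hint for hint in OS_HINTS if hint in text.lower()],
    }


if __name__ == "__main__":
    for service, raw in SAMPLE_BANNERS.items():
        finding = audit_banner(raw)
        leaks = finding["versions"] or finding["os_hints"]
        print(f"{service:14} {'LEAKS' if leaks else 'ok':6} {finding}")
```

A banner with no version or OS hint can still name the product, as the constructed SMTP sample does, so review the raw text as well as the findings.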