Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (19)
Andere mochten auch
Ähnlich wie Device finger printing
Ähnlich wie Device finger printing (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Device finger printing
- 1. By Mohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
- 2. Basically finger print generally is the finger impression of humans to identify the individuals
- 3. Device finger print is to identify the individual devices It is a compact summary of software and hardware settings collected from a remote computing device It is also called machine finger print
- 4. Passive: TCP/IP configuration OS finger print Hardware clock skew OSI layer based
- 5. Active: Invasive querying by the installation of executable codes on client machines Helps in finding the MAC address or unique serial numbers assigned to the device
- 6. one may infer client configuration parameters with the help of layers OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP OSI Layer 5: SNMP, NetBIOS OSI Layer 4: TCP, UDP OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11 OSI Layer 2: SMB, CDP[9]
- 7. Different operating systems, and different versions of the same operating system, set different defaults for these values Initial packet size (16 bits) Initial TTL (8 bits) Window size (16 bits) Max segment size (16 bits) Window scaling value (8 bits) "don't fragment" flag (1 bit) "sackOK" flag (1 bit) "nop" flag (1 bit) The values may be combined to form a 67-bit signature, or fingerprint, for the target machine With the help of the TTL and widow scaling we can find the OS
- 8. Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to: capture raw packets live from the wire. save captured packets to an offline file, and read captured packets from an offline file. automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets). Filter the packets according to user-specified rules before dispatching them to the application. send raw packets to the network
- 9. Version IP Header Length Size of Datagram Identification ( 16-bit number, together with the source address uniquely identifies this packet) Flags (a sequence of three flags (one of the 4 bits is unused)) Fragmentation Offset Time To Live (Number of hops /links which the packet may be routed over) Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP). Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network) Source Address (the IP address of the original sender of the packet) Destination Address (the IP address of the final destination of the packet) Options (when used, the IP header length will be greater than five 32-bit words)
- 10. OSI model TCP/IP finger printing OS fingerprinting Grouping all this we will get a strong signature or the device finger print