Passive Fingerprinting

by Lance Spitzner
Sept. 17, 2017 1 comment Symantec Pen Testing & Audits

One of the challenges of network security is learning about the bad guys. To understand your threats and better protect against them, you have to Know Your Enemy. Passive Fingerprinting is a method to learn more about the enemy, without them knowing it. Specifically, you can determine the operating system and other characteristics of the remote host using nothing more then sniffer traces. Though not 100% accurate, you can get surprisingly good results. Craig Smith has developed a proof of concept tool based on the concepts covered in this paper.

https://www.symantec.com/connect/articles/passive-fingerprinting

Avatar
2flash 2 months ago

Passive Fingerprinting gets more and more popular through out the cyber security field. It should be embraced faster....

Reply