Techniques and countermeasures of TCP/IP OS fingerprinting on Linux Systems

UKZN ResearchSpace

dc.contributor.advisor Vorster, Luke.
dc.contributor.advisor Erwin, David.
dc.creator Stopforth, Riaan.
dc.date.created 2007
dc.date.issued 2007
dc.identifier.uri http://hdl.handle.net/10413/458
dc.description Thesis (M.Sc. - Computer)-University of KwaZulu-Natal, Durban, 2007.
dc.description.abstract Port scanning is the first activity an attacker pursues when attempting to compromise a target system on a network. The aim is to gather information that will result in identifying one or more vulnerabilities in that system. For example, network ports that are open can reveal which applications and services are running on the system. How a port responds when probed with data can reveal which protocol the port utilises and can also reveal which implementation of that protocol is being employed. One of the most valuable pieces of information to be gained via scanning and probing techniques is the operating system that is installed on the target. This technique is called operating system fingerprinting. The purpose of this research is to alert computer users of the dangers of port scanning, probing, and operating system fingerprinting by exposing these techniques and advising the users on which preventative countermeasures to take against them. Analysis is performed on the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Protocol (IPv4 and IPv6), and the Internet Control Message Protocol (ICMPv4 and ICMPv6). All the software used in this project is free and open source. The operating system used for testing is Linux (2.4 and 2.6 kernels). Scanning, probing, and detection techniques are investigated in the context of the Network Mapper and Xprobe2 tools.
dc.language.iso en en_US
dc.subject TCP/IP (Computer network protocol) en_US
dc.subject Computer pattern recognition. en_US
dc.subject Dissertations, Academic--University of KwaZulu-Natal (Westville).
dc.title Techniques and countermeasures of TCP/IP OS fingerprinting on Linux Systems en_US
dc.type Thesis en_US
