Jon Lasser, 2002-01-30
Black hats use 'passive fingerprinting' to identify your operating system without you knowing it. But the technique is useful for white hats too.
Colapse all |
Post comment
Passive Aggressive
2002-02-01
Anonymous (1 replies)
Anonymous (1 replies)
Ethics is an interesting issues when talking about security. While I agree with you, I wonder how many other people do.
I've often thought of using passive fingerprinting to identify potential clients for Windows support or Novell support or whatever.
However, just the thought of using passive...
[ more ] [ reply ]
I've often thought of using passive fingerprinting to identify potential clients for Windows support or Novell support or whatever.
However, just the thought of using passive...
[ more ] [ reply ]
Passive Aggressive
2002-02-01
00011011 (4 replies)
00011011 (4 replies)
I think the idea of feeling sleazy because you used a fingerprinting tool is rediculous. It's not the fingerprinting that makes you sleazy. It's what you choose to do with the information gathered that could potentially make you feel sleazy.
BTW the word 'ethics' is plural......
[ more ] [ reply ]
BTW the word 'ethics' is plural......
[ more ] [ reply ]
Passive Aggressive
2002-02-03
Anonymous (1 replies)
Anonymous (1 replies)
Please, do not correct another user on their grammae when you fail to use it correctly yourself. The word is spelt "ridiculous". Thankyou....
[ more ] [ reply ]
[ more ] [ reply ]
Passive Aggressive: "License to Scan"
2002-02-03
frederic.debuck@advalvas.be (1 replies)
frederic.debuck@advalvas.be (1 replies)
I totally agree. In a first place, spying packet for looking after customers isn't the right way: make a good job, let it be known, and customers will come. if they don't you should probably spend more time enhancing your service than just finding ways to others. (don't want to blame you, you're ano...
[ more ] [ reply ]
[ more ] [ reply ]
Passive Aggressive:
2002-02-16
Anonymous (2 replies)
Anonymous (2 replies)
"global ethics doesn't work (hopefully in a way: imagine a world of billions of people all thinking the same way.. boring)"
Let's hope that globally most people understand the difference between right and wrong. This doesn't entail everyone thinking the same way about everything.
If I think th...
[ more ] [ reply ]
Let's hope that globally most people understand the difference between right and wrong. This doesn't entail everyone thinking the same way about everything.
If I think th...
[ more ] [ reply ]
Passive Aggressive:
2002-02-19
ABeggerAndAChooser
ABeggerAndAChooser
I'm sorry, Anonymous, but you cannot pick and choose which ethical viewpoints will be echoed on a global basis ("what is good?" verses "what is evil?"). I believe the destruction of the World Trade Center buildings illustrates this nicely. It conveniently overlooks the fact that not everyone is work...
[ more ] [ reply ]
[ more ] [ reply ]
Passive Aggressive
2002-02-04
Anonymous
Anonymous
Nice writeup and explanation of the tools.
I did a SANS talk on this subject many moons ago. I have a copy of the presentation on my site: http://johnny.ihackstuff.com in the security section titled "Passive Information Gathering: The risk of the silent attacker"
regards,
johnny
...
[ more ] [ reply ]
I did a SANS talk on this subject many moons ago. I have a copy of the presentation on my site: http://johnny.ihackstuff.com in the security section titled "Passive Information Gathering: The risk of the silent attacker"
regards,
johnny
...
[ more ] [ reply ]
Passive Aggressive
2002-02-04
arhodes
http://members.fortunecity.com/sektorsecurity/projects/archa
eopteryx.html
The description claims this tool is based off Siphon.
Uses WinPcap for network packet capture and runs on NT.
Another tool that takes the concept of the passive
"insider" attack even further is commercially available...
[ more ] [ reply ]
arhodes
http://members.fortunecity.com/sektorsecurity/projects/archa
eopteryx.html
The description claims this tool is based off Siphon.
Uses WinPcap for network packet capture and runs on NT.
Another tool that takes the concept of the passive
"insider" attack even further is commercially available...
[ more ] [ reply ]
Passive Aggressive
2002-02-06
raul
raul
using fingerprinting techniques are not within illegal.
it depends on the purpose of gathering this type of information, its like a moral and ethical and desicional issue. its like questioning whats next?
if this dont cause monetary damage, like performance etc etc and its not made with the info-g...
[ more ] [ reply ]
it depends on the purpose of gathering this type of information, its like a moral and ethical and desicional issue. its like questioning whats next?
if this dont cause monetary damage, like performance etc etc and its not made with the info-g...
[ more ] [ reply ]
Passive Aggressive
2002-02-06
raul
raul
using fingerprinting techniques are not within illegal.
it depends on the purpose of gathering this type of information, its like a moral and ethical and desicional issue. its like questioning whats next?
if this dont cause monetary damage, like performance etc etc and its not made with the info-g...
[ more ] [ reply ]
it depends on the purpose of gathering this type of information, its like a moral and ethical and desicional issue. its like questioning whats next?
if this dont cause monetary damage, like performance etc etc and its not made with the info-g...
[ more ] [ reply ]
Passive Aggressive
2002-02-07
DB
DB
A great way of foiling fingerprint attempts is to use a tool my bro found called fingerprintfucker. It lets you pick which fingerprint you want your system to be detected as from the nmap fingerprint file. I made my RH 6.2 box look like an apple laserwriter...cool!
The problem is that it seems to...
[ more ] [ reply ]
The problem is that it seems to...
[ more ] [ reply ]
[ more ] [ reply ]