[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IDS: Passive Fingerprinting

To: ids@uow.edu.au, firewall-wizards@nfr.net
Subject: IDS: Passive Fingerprinting
From: Lance Spitzner <lance@spitzner.net>
Date: Sat, 22 Apr 2000 23:49:04 -0500 (CDT)

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner@uow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo@uow.edu.au
-----------------------------------------------------------------------------
Passive Fingerprinting is a method of determining
a remote operating system based solely on sniffer
traces.  Though the concept is not new, little has
been documented about it.  To help me in the
analysis of system attacks, I have developed such 
documentation.

I have written a rough draft and a database for
passive fingerprinting.  I am hoping some of the
guru's here could check it out and give me their
suggestions/experiences.  Also, I would appreciate
any signatures to add to the database.  The paper
is a working draft.

Passive Fingerprinting:
http://www.enteract.com/~lspitz/finger.html

Thanks!

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html

Prev by Date: Re: IDS: implications of recent legal trends
Next by Date: Re: IDS: [Fwd: [Fwd: Fwd: Emergency...Pls Forward This To Everyone You Know]]
Prev by thread: IDS: SANS Parliament Hill 2000 > Welcome to SANS Parliament Hill 2000
Next by thread: IDS: IDS Focus Area at SecurityFocus.com
Index(es):
- Date
- Thread