A new method about operating system identification

Author

Han, Xinchao ; Du, Xianfeng

Author_Institution

ZhengZhou Key Lab. of Comput., ZhongYuan Univ. of Technol., Zhengzhou, China

fYear

2010

fDate

17-19 Sept. 2010

Firstpage

882

Lastpage

885

Abstract

To resolve the question: penetrate firewall and accurately identify the remote host operating system, research deeply on the ARP protocol and the TCP/IP protocol stack, provide a mothed about host detection through firewall, describes the TCP port scanning process, design a fingerprint storehouse, TCP bag first part and operating system detecting process, develop the network security assessment system based on this way. Test results show that this system can penetrate firewall and accurately identify the target host operating system.

Keywords

authorisation; computer network security; operating systems (computers); transport protocols; ARP protocol; TCP port scanning process; TCP/IP protocol stack; fingerprint storehouse design; firewall; host detection; network security assessment system; operating system detecting process; operating system identification; remote host operating system; Computers; Fingerprint recognition; Fires; IP networks; Operating systems; Protocols; Security; ARP Protocol; Network Security; Operating System Identification; TCP / IP Fingerprint;

fLanguage

English

Publisher

ieee

Conference_Titel

Information and Financial Engineering (ICIFE), 2010 2nd IEEE International Conference on

Conference_Location

Chongqing

Print_ISBN

978-1-4244-6927-7

Type

conf

DOI

10.1109/ICIFE.2010.5609496

Filename

5609496