Identifying the operating system is a technique used in scanning. Once the OS is identified, an attacker can launch an attack specifically designed for that system. Lisa Bock covers passive OS discovery using Wireshark and shows how to view OS identifiers in various headers, such as the Browser protocol and HTTP headers.
- [Voiceover] Identifying the operating system is a technique used in scanning. Once the operating system is identified, an attacker can launch an attack specifically designed for that system. A tool, such as Nmap, identifies the operating system based on specific behavior, such as TCP window size in the TCP header, and Time to live value in an IP header, which differ according to different operating systems. Identifying the operating system can be passive.
One way is to simply launch a packet capture tool, such as Wireshark, and observe the traffic. When monitoring the traffic, operating system identifiers can appear in various headers. I'll share a couple of ways of conducting passive operating system discovery. One protocol that shares information about devices and services on a network is the Browser protocol, which collects and shares information about the work groups, domains, and servers on the network. Browser protocol operates on top of Server Message Block, and normally, the Primary Domain Controller is the master…
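The two header fields named in the transcript, IP time to live and TCP window size, can be read directly from captured packets for passive asset inventory. The following Python code is an added example, not part of the course or its transcript; the TTL-to-OS table holds commonly documented defaults (an assumption), the sample packets are constructed, and the window size is only reported, not mapped to an OS.

```python
import struct

# Widely documented default initial TTLs (an assumption, not from the course).
# Defaults can be reconfigured, so the result is a hint, not an identification.
INITIAL_TTL_HINTS = {
    64: "Linux/Unix/macOS family",
    128: "Windows family",
    255: "network device or older Unix",
}

def parse_ipv4_tcp(packet: bytes):
    """Return (ttl, window, is_syn) from a raw IPv4 packet that carries TCP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes
    if ihl < 20 or len(packet) < ihl + 20:
        raise ValueError("truncated IP or TCP header")
    if packet[9] != 6:                    # IP protocol 6 = TCP
        raise ValueError("not a TCP segment")
    ttl = packet[8]
    flags = packet[ihl + 13]
    (window,) = struct.unpack_from("!H", packet, ihl + 14)
    return ttl, window, bool(flags & 0x02)

def guess_initial_ttl(observed: int) -> int:
    """Each router hop decrements TTL, so round up to the next common default."""
    return next(t for t in (64, 128, 255) if observed <= t)

def passive_os_hint(packet: bytes) -> dict:
    ttl, window, is_syn = parse_ipv4_tcp(packet)
    initial = guess_initial_ttl(ttl)
    return {"ttl": ttl, "initial_ttl": initial, "hops": initial - ttl,
            "window": window, "syn": is_syn, "hint": INITIAL_TTL_HINTS[initial]}

def build_sample(ttl: int, window: int, flags: int = 0x02) -> bytes:
    """Constructed IPv4+TCP headers (documentation addresses, zero checksums)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, flags, window, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    # Constructed samples: TTL and window values are illustrative only.
    for ttl, window in ((125, 64240), (57, 29200), (254, 4128)):
        print(passive_os_hint(build_sample(ttl, window)))
```

Because any host can change its default TTL, an inventory built this way is best cross-checked against the explicit identifiers the transcript mentions, such as Browser protocol and HTTP headers.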
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling