Information Gathering

19 years 11 months ago #6432 by DeathCode-r
Greetings:

If an IP is /known/, what are the different methods one can use to gather information with regard to

1] What Operating System Is Running?
2] Version?
3] Open Ports?

What other information do people gather? I'm asking this for purely educational purposes.

Thank you
19 years 11 months ago #6433 by nske
Replied by nske on topic Re: Information Gathering
Are you asking from the programmer's aspect or from the user's aspect? :)

In any case, a good place to start would be insecure.org, home of the most advanced IP scanner that implements mostly every detection-fingerprinting technique out there and has actually documented/introduced some original techniques on its own.

For example, to answer your questions:

1) www.insecure.org/nmap/nmap-fingerprinting-article.html
2) www.insecure.org/nmap/versionscan.html
3) man nmap (or www.insecure.org/nmap/data/nmap_manpage.html )

Of course, that's just a place to start. To continue, grabbing keywords from these texts and googling around them should give you more info than you can handle ;)

PS. People gather all that you and your software give away :)
19 years 11 months ago #6465 by sahirh
Replied by sahirh on topic Re: Information Gathering
Yep, nmap answers all your questions..

Bear in mind, however, that a lot of people who are new to this stuff end up trying to scan an RFC 1918 IP address, or even worse.. the external interface of a NAT device of some poor ISP :)

Cheers,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com