Skip to main content

Detect OS using IP address?

More
19 years 1 week ago #11370 by apit
can we detect operating system just using ip address?
how to do it?
since i'm sys admin at my company,this is important to me to monitor all user Operating system
More
19 years 1 week ago #11379 by DaLight
Using network scanners such as Nmap , it is pretty easy to scan a range of IPs and determine the operating systems running on the machines.
More
19 years 1 week ago #11383 by apit
if we scan from inside and outside the network, is it display with the same result?
More
19 years 1 week ago #11387 by FallenZer0

if we scan from inside and outside the network, is it display with the same result?


Why in the first place you would want inbound traffic from untrusted sources be given the ability to scan your networks?

Why would you give rights/permissions to users inside to install software so they can do OS Finger Printing?

I would think user be given only rights to do their job.

Lets say an Intelligent user works around to do OS FingerPrinting.
He should then find the Vulnerabilities to exploit it. Isn't it you job to make sure all the holes are closed?

I don't have real world experinces and the above is purely from my common sense approach and I'm sure you can find more creative ways of protecting your networks as there are people in this world.

-There Is A Foolish Corner In The Brain Of The Wisest Man- Aristotle
More
19 years 1 week ago #11395 by nske

if we scan from inside and outside the network, is it display with the same result?


If the addresses that you scan are routable from the outside and no filtering takes place, then the results would be the same. OS fingerprinting techniques rely on the exchange of packets, by collecting information both from unique patterns and behaviours of each OS's tcp/ip stack, and from checking information graciously provided from software services' banners.

It is not any distinguishable (filterable) kind of inbound traffic used for OS fingerprinting, so if you want any service to be available publicly then this is enough for anyone to take an educated guess about the OS answering. However, since firewalls and nat devices can mess with some of the fingerprinting techniques, you should get more accurate and specific results by scanning from within the network.

The software than Dalight suggested, nmap, implements probably the most efficient method combination for OS fingerprinting and it should be your first choise!
More
18 years 11 months ago #11675 by apit
do you ever heard about detect OS just using TTL value?
Time to create page: 0.133 seconds