Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Normal Format
|
111
OS Fingerprinting Nmap has a huge OS fingerprinting database with more than 2600 OS fingerprints. It sends TCP and UDP packets to the target machine, and the response that is received is compared with the database. If the fingerprint matches, it displays the results. Command : nmap –O The sample output looks as follows: Nmap also has other options for guessing OS, such as –osscan-limit, which would limit the detection to a few, more promising targets. This would save a lot of time. The second one is – osscan-guess, which detects in a better and more aggressive manner. You can also use the –A command to perform both OS and service version detection: nmap –n –A –T5 The –n –T5 parameter would speed up our scan, but you should keep in mind that OS detection and service detection methods are very loud at the other end and are often easily detected by IDS and IPS. POF POF stands for passive OS fingerprinting . As the name suggests, it does not directly engage with the target while performing OS fingerprinting; it monitors and tries to identify the TCP stack, and based on the TCP stack type, it figures out the type of OS. The following paragraph from official documentation describe the capabilities of POF: Common uses for pof include reconnaissance during penetration tests; routine network monitoring; detection of unauthorized network interconnects in corpo- rate environments; providing signals for abuse-prevention tools; and miscellaneous forensics. 112 ◾ Ethical Hacking and Penetration Testing Guide Output Nmap has various options for interpreting the output in a user-friendly and readable format. It supports different types of output formats. The output formats may allow us to filter out results from nmap such as open ports, closed ports, and hosts. The three popular formats used are discussed in brief next. Normal Format Greppable Format XML Format Normal Format The normal format is used to output the results of nmap to any text file. Here is an example of a simple SYN scan. The results would be outputted to a file named rafay.txt. Nmap –sS –PN Yüklə 22,44 Mb. Dostları ilə paylaş:
|