Ethical Hacking and Penetration Testing Guide

OS Fingerprinting
Nmap has a huge OS fingerprinting database with more than 2600 OS fingerprints. It sends TCP 
and UDP packets to the target machine, and the response that is received is compared with the 
database. If the fingerprint matches, it displays the results.
Command: nmap -O
The sample output looks as follows:
Nmap also has other options for guessing the OS, such as --osscan-limit, which limits OS detection to the few more promising targets (those with at least one open and one closed port). This saves a lot of time. The second one is --osscan-guess, which guesses more aggressively when no exact match is found. You can also use the -A option to perform both OS detection and service version detection:
nmap -n -A -T5
The -n and -T5 options would speed up our scan, but you should keep in mind that OS detection and service detection methods are very loud at the other end and are often easily detected by IDS and IPS.
p0f
p0f stands for passive OS fingerprinting. As the name suggests, it does not directly engage with the target while performing OS fingerprinting; it monitors traffic and tries to identify the TCP stack, and based on the TCP stack type, it figures out the type of OS.
The following paragraph from the official documentation describes the capabilities of p0f:
Common uses for p0f include reconnaissance during penetration tests; routine network monitoring; detection of unauthorized network interconnects in corporate environments; providing signals for abuse-prevention tools; and miscellaneous forensics.

Output
Nmap has various options for presenting its output in a user-friendly and readable format. It supports different output formats, which allow us to filter results from nmap such as open ports, closed ports, and hosts.
The three popular formats are discussed in brief next:
Normal Format
Greppable Format
XML Format
Normal Format
The normal format is used to write the results of nmap to a plain text file. Here is an example of a simple SYN scan. The results would be written to a file named rafay.txt.
nmap -sS -PN
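As an added example (not from the book), a small Python parser for Nmap's XML format (-oX) that turns a scan file into a per-host summary of state, ports grouped by state, and the best OS match, so results like open ports and live hosts can be filtered by script rather than read by eye. The XML below is a constructed sample in the layout Nmap writes, not real scan output.

```python
"""Parse Nmap XML output (-oX) into a per-host summary of state, ports and OS match."""
import xml.etree.ElementTree as ET

# Constructed sample in the layout Nmap writes with -oX; not real scan output.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -O -oX scan.xml 192.0.2.0/30">
 <host><status state="up" reason="syn-ack"/>
  <address addr="192.0.2.1" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
   <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
   <port protocol="tcp" portid="443"><state state="closed"/></port>
  </ports>
  <os><osmatch name="Linux 3.2 - 4.9" accuracy="95"/>
      <osmatch name="Linux 4.15" accuracy="90"/></os>
 </host>
 <host><status state="down" reason="no-response"/>
  <address addr="192.0.2.2" addrtype="ipv4"/></host>
</nmaprun>
"""

def parse_nmap_xml(xml_text):
    """Return {ip: {"state": str, "ports": {state: [(port, proto, service)]}, "os": str|None}}."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:          # hosts may also carry mac/ipv6 address elements; ipv4 only here
            continue
        status = host.find("status")
        entry = {"state": status.get("state") if status is not None else "unknown",
                 "ports": {}, "os": None}
        for port in host.iter("port"):
            state = port.find("state").get("state")      # open / closed / filtered ...
            svc = port.find("service")
            entry["ports"].setdefault(state, []).append(
                (int(port.get("portid")), port.get("protocol"),
                 svc.get("name") if svc is not None else None))
        # Nmap lists several osmatch guesses; keep the highest-accuracy one.
        matches = [(int(m.get("accuracy")), m.get("name")) for m in host.iter("osmatch")]
        entry["os"] = max(matches)[1] if matches else None
        hosts[addr.get("addr")] = entry
    return hosts

def hosts_with_open_port(hosts, portid, proto="tcp"):
    """Filter helper: IPs that have the given port open (e.g. an exposed-service inventory)."""
    return sorted(ip for ip, h in hosts.items()
                  if any(p == portid and pr == proto for p, pr, _ in h["ports"].get("open", [])))
```

Replace SAMPLE_XML with the contents of a real -oX file to run it against your own results.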