티스토리 뷰

보안

passive fingerprinting

초보의 CHOMAN 2015.06.12 11:19

IP Header
- TOS (Type of service)
- Total Length
- TTL (Time-to-live)

Tcp Header
- Window
- Option : MMS (Maximum Segment Size), TimeStamp, Windows Scale (wscale)
SackOK (Selective Acknowledgement), Nop

Windows 시스템에서 (SYN 패킷)
- TTL : 128 (대부분 128)
- Windows : 16384
- TCP Option : <mms 1460,nop,nop.ackOK>
- Total Length : 48 Bytes

Linux Kernel 2.4.x
- TTL : 64
- Window : 5840 ( 보통 Linux 2.2 kernel : 32120)
- TCP option : <mms 1460,sackOK,timestamp 23310 0,nop,wscale 0>
- Total Length : 60 Byte

E-Mail 헤더
- Received : from B (dns-name [ip-address]) by A ... for ...
- 메일이 메일서버를 경유하면 ( ) 부분을 위조 할수가 없게 됨

댓글
댓글쓰기 폼