December 22nd, 2003, 12:10 AM
TCP/IP stack responses
I am looking for a read on common responses from TCP/IP stacks to TCP packets with different flags set. (example: If a FIN packet is sent a ReSeT packet is usually returned; something along those lines but with more detail and examples) OS fingerprinting techniques achieve their findings by knowing this quite well. I am wondering if this is documented anywhere. I have searched google but I may not be using the correct search phrases. I have tried TCP/IP stack responses and "TCP/IP stack" flag returns. Any help will be greatly apreciated, and I thank you in advance.
December 22nd, 2003, 01:01 AM
Why dont you check out the pages for tools that do fingerprinting? there is a good bit at http://www.insecure.org/nmap/nmap-fi...g-article.html , you may want to check out the tutorials by the horse13 here at AO also
Do unto others as you would have them do unto you.
The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
-- true colors revealed, a brown shirt and jackboots
December 22nd, 2003, 02:44 AM
Thank you for your suggestion
December 22nd, 2003, 11:07 AM
If you really want to know about the nitty gritty details of TCP/IP buy "TCP/IP Illustrated" by Richard Stevens. It's considered the bible of TCP/IP. You'll only need volume 1 if you're only interested in the protocol itself. Volume 2 covers socket programming and Volume 3 covers the more 'advanced' protocols like TLS.
Experience is something you don't get until just after you need it.
December 22nd, 2003, 11:35 AM
Search the site for the NMAP tutorials of Thehorse13 . They're really good.
December 22nd, 2003, 12:12 PM
hmm i dont know if its still there since i havent been doin some stuff lately. been too busy wid programmin class..
but try www.firewall.cx it has always been my choice of site when it comes to networking stuff.
December 23rd, 2003, 05:54 AM
I greatfully read all of thehorse13's Nmap tutorials and eagerly waited for each new one. I am also anticipating Fyodor's book when it is released .
I will find this TCP/IP Illustrated book and read it and also browse the site listed above.
Thank you all.
December 23rd, 2003, 06:15 AM
I just finished my class on TCP/IP this semester. I am going to attach a few things that may help you. Do yourself a favor; rename these to .doc instead of the .txt ok?
December 23rd, 2003, 06:16 AM
December 23rd, 2003, 06:21 AM