Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: TCP/IP stack responses

  1. #1
    Member
    Join Date
    Dec 2002
    Posts
    63

    Question TCP/IP stack responses

    I am looking for a read on common responses from TCP/IP stacks to TCP packets with different flags set. (example: If a FIN packet is sent a ReSeT packet is usually returned; something along those lines but with more detail and examples) OS fingerprinting techniques achieve their findings by knowing this quite well. I am wondering if this is documented anywhere. I have searched google but I may not be using the correct search phrases. I have tried TCP/IP stack responses and "TCP/IP stack" flag returns. Any help will be greatly apreciated, and I thank you in advance.
    $pak = me;

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    Why dont you check out the pages for tools that do fingerprinting? there is a good bit at http://www.insecure.org/nmap/nmap-fi...g-article.html , you may want to check out the tutorials by the horse13 here at AO also
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

  3. #3
    Member
    Join Date
    Dec 2002
    Posts
    63
    Thank you for your suggestion
    $pak = me;

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    If you really want to know about the nitty gritty details of TCP/IP buy "TCP/IP Illustrated" by Richard Stevens. It's considered the bible of TCP/IP. You'll only need volume 1 if you're only interested in the protocol itself. Volume 2 covers socket programming and Volume 3 covers the more 'advanced' protocols like TLS.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Search the site for the NMAP tutorials of Thehorse13 . They're really good.
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  6. #6
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    hmm i dont know if its still there since i havent been doin some stuff lately. been too busy wid programmin class..

    but try www.firewall.cx it has always been my choice of site when it comes to networking stuff.

  7. #7
    Member
    Join Date
    Dec 2002
    Posts
    63
    I greatfully read all of thehorse13's Nmap tutorials and eagerly waited for each new one. I am also anticipating Fyodor's book when it is released .

    I will find this TCP/IP Illustrated book and read it and also browse the site listed above.

    Thank you all.
    $pak = me;

  8. #8
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I just finished my class on TCP/IP this semester. I am going to attach a few things that may help you. Do yourself a favor; rename these to .doc instead of the .txt ok?

  9. #9
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Another:

  10. #10
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Another long one:

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •