论文信息 - Xprobe2++: Low volume remote network information gathering tool

Xprobe2++: Low volume remote network information gathering tool

Active operating system fingerprinting is the process of actively determining a target network system's underlying operating system type and characteristics by probing the target system network stack with specifically crafted packets and analyzing received response. Identifying the underlying operating system of a network host is an important characteristic that can be used to complement network inventory processes, intrusion detection system discovery mechanisms, security network scanners, vulnerability analysis systems and other security tools that need to evaluate vulnerabilities on remote network systems.

[1] Jian Jiao. A Method of Identify OS Based On TCP/IP Fingerprint , 2006 .

[2] Lloyd G. Greenwald,et al. Toward Undetected Operating System Fingerprinting , 2007, WOOT.

[3] Peng Ning,et al. Techniques and tools for analyzing intrusion alerts , 2004, TSEC.

[4] Franck Veysset,et al. New Tool And Technique For Remote Operating System Fingerprinting , 2002 .

[5] Herbert Bos,et al. SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots , 2007, Comput. Networks.

[6] Jason Bock,et al. NET security , 2002 .