Detecting the Presence of Virtual Machines Using the Local Data Table - This paper describes a method for determining the presence of virtual machine emulation in a non-privileged operating environment. This attack is useful for triggering anti-virtualization attacks and evading analysis.
92a990116970ebe86c383ab30e4ac4c1Remote physical device fingerprinting by exploiting small, microscopic deviations in device hardware: clock skews. Presents research showing accuracy equivalent to DNA matches, even when the target was hundreds of milliseconds away.
d9e6959691955d6c56f6b903643b9f8aPaper discussing utilization of port zero for OS fingerprinting and how to protect against it.
bcd6916661d1dd7789bd056c6ab8e767Remote OS Detection using LPD Querying - Line printer daemons listening on TCP port 515 can give away information about which OS is running. Proof of concept code which contains a database of LPD returned messages and OS matches here.
4e667a19a6fc4fd69e37e0ce2175a2daExamining Advanced Remote OS Detection Methods/Concepts using Perl - This paper discusses the theory and practice behind OS detection with a specific focus on the practice related to the PERL programming language. Methods and concepts for remote operating system detection are closely examined and implemented into Perl code.
ae8c4eb4e2c8beb1a0dce5dd6872a449Pho's alternate remote OS detection techinques page has been updated. Includes information on ICMP techniques, ARP techniques, IP techniques, and UDP techniques.
bbc82d05af7c37437490790e3576a887
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed