ByMohammed Muzzamil. H     M.Tech(IS)                     Guided by               Mrs.Ritu agarwal
   Basically finger print generally is the finger    impression of humans to identify the    individuals
   Device finger print is to identify the individual    devices    It is a compact summary    of software and hardware s...
   Passive:       TCP/IP configuration       OS finger print       Hardware clock skew       OSI layer based
   Active:       Invasive querying by the installation of executable        codes on client machines         Helps in f...
one may infer client configuration    parameters with the help of layers   OSI Layer    7: FTP, HTTP, Telnet, TLS/SSL, DH...
   Different operating systems, and different versions of the same    operating system, set different defaults for these ...
   Jpcap is an open source library for capturing    and sending network packets from Java    applications. It provides fa...
   Version   IP Header Length   Size of Datagram   Identification ( 16-bit number, together with the source address   ...
   OSI model   TCP/IP finger printing   OS fingerprinting       Grouping all this we will get a strong signature or   ...
Upcoming SlideShare
Loading in...5
×

Device finger printing

225

Published on

I have done this presentation for my self study seminar in my mtech

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
225
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Device finger printing

  1. 1. ByMohammed Muzzamil. H M.Tech(IS) Guided by Mrs.Ritu agarwal
  2. 2.  Basically finger print generally is the finger impression of humans to identify the individuals
  3. 3.  Device finger print is to identify the individual devices It is a compact summary of software and hardware settings collected from a remote computing device It is also called machine finger print
  4. 4.  Passive:  TCP/IP configuration  OS finger print  Hardware clock skew  OSI layer based
  5. 5.  Active:  Invasive querying by the installation of executable codes on client machines  Helps in finding the MAC address or unique serial numbers assigned to the device
  6. 6. one may infer client configuration parameters with the help of layers OSI Layer 7: FTP, HTTP, Telnet, TLS/SSL, DHCP OSI Layer 5: SNMP, NetBIOS OSI Layer 4: TCP, UDP OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11 OSI Layer 2: SMB, CDP[9]
  7. 7.  Different operating systems, and different versions of the same operating system, set different defaults for these values Initial packet size (16 bits) Initial TTL (8 bits) Window size (16 bits) Max segment size (16 bits) Window scaling value (8 bits) "dont fragment" flag (1 bit) "sackOK" flag (1 bit) "nop" flag (1 bit) The values may be combined to form a 67-bit signature, or fingerprint, for the target machine With the help of the TTL and widow scaling we can find the OS
  8. 8.  Jpcap is an open source library for capturing and sending network packets from Java applications. It provides facilities to:  capture raw packets live from the wire.  save captured packets to an offline file, and read captured packets from an offline file.  automatically identify packet types and generate corresponding Java objects (for Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets).  Filter the packets according to user-specified rules before dispatching them to the application.  send raw packets to the network
  9. 9.  Version IP Header Length Size of Datagram Identification ( 16-bit number, together with the source address uniquely identifies this packet) Flags (a sequence of three flags (one of the 4 bits is unused)) Fragmentation Offset Time To Live (Number of hops /links which the packet may be routed over) Protocol (e.g. 1 = ICMP; 2= IGMP; 6 = TCP; 17= UDP). Header Checksum (Packets with an invalid checksum are discarded by all nodes in an IP network) Source Address (the IP address of the original sender of the packet) Destination Address (the IP address of the final destination of the packet) Options (when used, the IP header length will be greater than five 32-bit words)
  10. 10.  OSI model TCP/IP finger printing OS fingerprinting  Grouping all this we will get a strong signature or the device finger print
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×