Derevolutionizing OS Fingerprinting: The cat and mouse gameJaime Sánchez
With the explosive growth and distributed nature of computer networks, it has become progressively more difficult to manage, secure, and identify Internet devices. An outsider has the capability to discover general information, such as which operating system a host is running, by searching for default stack parameters, ambiguities in IETF RFCs or non-compliant TCP/IP implementations in responses to malformed requests. By pinpointing the exact OS of a host, an attacker can launch an educated and precise attack against a target machine.
There are lot of reasons to hide your OS to the entire world:
Revealing your OS makes things easier to find and successfully run an exploit against any of your devices.
Having and unpatched or antique OS version is not very convenient for your company prestige. Imagine that your company is a bank and some users notice that you are running an unpatched box. They won't trust you any longer! In addition, these kind of 'bad' news are always sent to the public opinion.
Knowing your OS can also become more dangerous, because people can guess which applications are you running in that OS (data inference). For example if your system is a MS Windows, and you are running a database, it's highly likely that you are running MS-SQL.
It could be convenient for other software companies, to offer you a new OS environment (because they know which you are running).
And finally, privacy; nobody needs to know the systems you've got running.
This talk aims to present well-known methods that perform classification using application-layer traffic (TCP/IP/UDP headers, ICMP packets, or some combination thereof), old style approaches to defeat remote OS fingerprinting (like tweaking Windows registry or implement patches to the Linux kernel) and why this doesn't work with nowadays and could affect TCP/IP stack performance. We'll also present a new approach to detect and defeat both active/passive OS fingerprint with OSfooler-NG, a completely rewritten tool, highly portable, completely undetectable for the attackers and capable of detecting and defeating famous tools like nmap, p0f, Xprobe, pfsense and many commercial engines.
Sorry guys, OS fingerprinting is over...
Derevolutionizing OS Fingerprinting: The cat and mouse gameJaime Sánchez
With the explosive growth and distributed nature of computer networks, it has become progressively more difficult to manage, secure, and identify Internet devices. An outsider has the capability to discover general information, such as which operating system a host is running, by searching for default stack parameters, ambiguities in IETF RFCs or non-compliant TCP/IP implementations in responses to malformed requests. By pinpointing the exact OS of a host, an attacker can launch an educated and precise attack against a target machine.
There are lot of reasons to hide your OS to the entire world:
Revealing your OS makes things easier to find and successfully run an exploit against any of your devices.
Having and unpatched or antique OS version is not very convenient for your company prestige. Imagine that your company is a bank and some users notice that you are running an unpatched box. They won't trust you any longer! In addition, these kind of 'bad' news are always sent to the public opinion.
Knowing your OS can also become more dangerous, because people can guess which applications are you running in that OS (data inference). For example if your system is a MS Windows, and you are running a database, it's highly likely that you are running MS-SQL.
It could be convenient for other software companies, to offer you a new OS environment (because they know which you are running).
And finally, privacy; nobody needs to know the systems you've got running.
This talk aims to present well-known methods that perform classification using application-layer traffic (TCP/IP/UDP headers, ICMP packets, or some combination thereof), old style approaches to defeat remote OS fingerprinting (like tweaking Windows registry or implement patches to the Linux kernel) and why this doesn't work with nowadays and could affect TCP/IP stack performance. We'll also present a new approach to detect and defeat both active/passive OS fingerprint with OSfooler-NG, a completely rewritten tool, highly portable, completely undetectable for the attackers and capable of detecting and defeating famous tools like nmap, p0f, Xprobe, pfsense and many commercial engines.
Sorry guys, OS fingerprinting is over...
Slides for a libfabric tutorial presented at SC|15 (http://sc15.supercomputing.org/) on November 17, 2015 by Sean Hefty, Dave Goodell, Howard Pritchard, and Paul Grun.
Report on routing interface configurationDebjyotiSaha9
Routing Configuration and Interface of the router with millions of PC’s are the easiest way to complete the work of networking. The study of Cisco routers, cables gives a way of performing the experiment successfully. The basic need for this experiment is the software known as “Cisco Packet Tracer”. This software has an inbuilt configuration and can be compared with Network Simulators. In this project, the demonstration of whether the router is configured correctly in port with the console as well as cross-over cable. Assigning of IP addresses and also checking the transmission of packets by associating Packet Internet Groper (PING) in command prompt. Connecting the PC’s with the router for the exchange of information becomes a conventional method as PC’s cannot transmit data of their own. Fast Ethernet connectivity with the ports between the router and the PC’s and enabling the Ethernet verifies whether the router is receiving an information packet or not.
In this project, we will not use Simple Network Message Protocol (SNMP), because we are not considering the data transfer between the PC and Router. But we are just configuring that the PC is able to transfer and the router is able to receive the correct sequence of data.
in this webinar, we will discuss about the fundamental concept of VLAN, and how it is implemented on Mikrotik devices (Routerboard router and Cloud Router Switch - CRS). instructor will do a demo and QA session
Voice Services, From Circuit Switch to VoIPGLC Networks
Webinar topic: Voice Services, From Circuit Switch to VoIP
Presenter: Achmad Mardiansyah
In this webinar series, we discussed about Voice Services, From Circuit Switch to VoIP
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/en/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram also discord
Recording available on Youtube
https://youtu.be/sHYMkW-bcdo
Slides for a libfabric tutorial presented at SC|15 (http://sc15.supercomputing.org/) on November 17, 2015 by Sean Hefty, Dave Goodell, Howard Pritchard, and Paul Grun.
Report on routing interface configurationDebjyotiSaha9
Routing Configuration and Interface of the router with millions of PC’s are the easiest way to complete the work of networking. The study of Cisco routers, cables gives a way of performing the experiment successfully. The basic need for this experiment is the software known as “Cisco Packet Tracer”. This software has an inbuilt configuration and can be compared with Network Simulators. In this project, the demonstration of whether the router is configured correctly in port with the console as well as cross-over cable. Assigning of IP addresses and also checking the transmission of packets by associating Packet Internet Groper (PING) in command prompt. Connecting the PC’s with the router for the exchange of information becomes a conventional method as PC’s cannot transmit data of their own. Fast Ethernet connectivity with the ports between the router and the PC’s and enabling the Ethernet verifies whether the router is receiving an information packet or not.
In this project, we will not use Simple Network Message Protocol (SNMP), because we are not considering the data transfer between the PC and Router. But we are just configuring that the PC is able to transfer and the router is able to receive the correct sequence of data.
in this webinar, we will discuss about the fundamental concept of VLAN, and how it is implemented on Mikrotik devices (Routerboard router and Cloud Router Switch - CRS). instructor will do a demo and QA session
Voice Services, From Circuit Switch to VoIPGLC Networks
Webinar topic: Voice Services, From Circuit Switch to VoIP
Presenter: Achmad Mardiansyah
In this webinar series, we discussed about Voice Services, From Circuit Switch to VoIP
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/en/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram also discord
Recording available on Youtube
https://youtu.be/sHYMkW-bcdo