Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OS based Fingerprinting #19

Open
CHEF-KOCH opened this issue Nov 23, 2019 · 0 comments
Open

OS based Fingerprinting #19

CHEF-KOCH opened this issue Nov 23, 2019 · 0 comments
Assignees
Labels
Projects

Comments

@CHEF-KOCH
Copy link
Owner

@CHEF-KOCH CHEF-KOCH commented Nov 23, 2019

Methods

  • P0f
  • Mining
  • Ettercap
  • nmap
  • DHCP
  • or via vulnerability scanner (which using mostly "TCP based weaknesses" to spot the OS)
  • Font assuming that Browser, application transmits the information
  • PowerShell e.g. Get-ADComputer -Filter * -Properties * | where {$_.OperatingSystem -like "Windows 10*"} | Select Name, OperatingSystem
  • --fuzzy (guessing)
  • via RFC's eg. TCP Timestamp (RFC 1323) and TTL etc

Protection

  • Obfuscation (which is NOT part of our privacy principles), however if you like to do so you can use AntiOS
  • Disable (if possible) the RFC (param) which causes "fingerprinting"
  • OS fingerprinting is not a security issue, it's a privacy "problem" the assumption that just because you know that I wrote this behind Windows 10 doesn't mean you find an active and working exploit. The defense is that MS has to patch critical holes.
  • Fixing one fingerprint hole and leave the other 100 open is false sense of security, especially because an attacker needs to find an exploit

OS fingerprinting protection - why not by default?

@CHEF-KOCH CHEF-KOCH added the Wontfix label Nov 23, 2019
@CHEF-KOCH CHEF-KOCH self-assigned this Nov 23, 2019
Repository owner deleted a comment from issue-label-bot bot Nov 23, 2019
@CHEF-KOCH CHEF-KOCH added this to OS Fingerprinting in Microsoft Jan 28, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Microsoft
OS Fingerprinting
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.