OS Fingerprinting (Kirk Thomas) (p)

Ron Nutter (TechBytes) talks with Kirk Thomas, creator of NetScanTools Pro (www.netscantools.com), about how to perform OS fingerprinting to identify devices on the network. Kirk explains how NetScanTools uses various types of ICMP packets to perform OS fingerprinting on a network and the issues that firewalls cause when sending these packets to the target. ICMP packets include Echo Requests'', '' Address Mask Requests'', '' Information Requests and Timestamp Requests. Kirk also explains how WinPcap is used to bypass the firewall as well and how fingerprinting can help locate rogue devices on the network. Finally, Kirk explains how banners can give away the identity of a host. Ron reminds listeners that you must be careful before running these tools on the network.