Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> General >> OS Identification

Vulnerability Assessment Details

OS Identification

Vulnerability Assessment Summary
Acertains the remote operating system

Detailed Explanation for this Vulnerability Assessment

This script attempts to identify the Operating System type and version by
various ways :

- If the remote host is a Windows host, it will attempt to acertain its
OS type by sending MSRPC packets on port 135 and guess the OS based on
the results

- If the remote host has an NTP client listening on port 123, this script will
try to ask for the operating system version this way

- Otherwise, this script acertains the remote operating system by sending more
or less incorrect ICMP requests using the techniques outlined in Ofir Arkin's
paper 'ICMP Usage In Scanning'.

A possible hacker may use this to identify the kind of the remote operating
system and gain further knowledge about this host.

See also : (icmp os identification)
Network Security Threat Level: Low

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Tenable Network Security

Cables, Connectors


No Discussions have been posted on this vulnerability.