03-11-2013
A useful method is to use nmap along with the -O flag.
Be cautious however when using nmap inside a company network since sometimes (and more often than not) they ban its internal use for anyone outside their network team... Most networking guys would freak out if they detect a strange IP scanning their network.
In any case, there's no bulletproof method to detect the operating system flavour of a remote host with 100% effectiveness.
Last edited by verdepollo; 03-11-2013 at 06:06 PM..
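An added example, not part of the original post: a shell filter that reads the output of nmap -O and reports whether nmap gave an exact fingerprint match, only a percentage guess, or nothing, which is the uncertainty the post describes. The sample outputs are constructed for illustration, and classify_os_guess is a name chosen here.

```shell
#!/bin/sh
# Classify how confident an `nmap -O` result is (added example).
# Reads nmap's normal output on stdin and prints one line:
#   exact|<OS details>     nmap reported an exact fingerprint match
#   guess|<pct>|<OS name>  only "Aggressive OS guesses" were available
#   unknown                no usable OS information in the output
classify_os_guess() {
    awk '
        /^OS details: / {
            sub(/^OS details: /, "")
            exact = $0
        }
        /^Aggressive OS guesses: / {
            sub(/^Aggressive OS guesses: /, "")
            # Guesses are listed best first as "Name (NN%), Name (NN%), ..."
            # Take everything up to the first "(NN%)" as the top guess.
            if (match($0, /\([0-9]+%\)/)) {
                best = substr($0, 1, RSTART - 2)
                pct  = substr($0, RSTART + 1, RLENGTH - 3)
                guess = pct "|" best
            }
        }
        END {
            if (exact != "")      print "exact|" exact
            else if (guess != "") print "guess|" guess
            else                  print "unknown"
        }
    '
}

# Constructed sample outputs (not captured from a real scan).
sample_exact='Running: Linux 2.6.X
OS details: Linux 2.6.32 - 2.6.39'
sample_guess='Aggressive OS guesses: Linux 2.6.32 (96%), Linux 3.2 - 4.9 (94%)
No exact OS matches for host (test conditions non-ideal).'
sample_none='Too many fingerprints match this host to give specific OS details'

for s in "$sample_exact" "$sample_guess" "$sample_none"; do
    printf '%s\n' "$s" | classify_os_guess
done

# Live use, where HOST is a placeholder: nmap -O HOST | classify_os_guess
```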
LEARN ABOUT DEBIAN
prads2snort
PRADS2SNORT(1) networking PRADS2SNORT(1)
NAME
prads2snort - Snort autotuning of Frag3 and Stream5
SYNOPSIS
prads2snort -i /var/log/prads-asset.log -o /etc/snort/host_attributes.xml -d linux -v
DESCRIPTION
PRADS is a Passive Real-time Asset Detection System.
It passively listens to network traffic and gathers information on the hosts and services it sees on the network. This information can be
used to map your network, letting you know which services and hosts are alive/used, or can be used together with your favorite IDS/IPS
setup for "event to host/service" correlation.
Gathering information about your hosts in real time also lets you detect assets that are connected to the network for only a short period
of time. An active network scan (nmap etc.) takes a long time and is not commonly run continually, and so would miss such an asset.
The initial goal of implementing PRADS was to make the host_attribute_table.xml for Snort (automatically).
PRADS2SNORT is the tool that does this!
OPTIONS
-i, --infile <file>
    file to feed prads2snort.pl
-o, --outfile <file>
    file to write host_attribute data to (host_attribute.xml)
-d, --default <os>
    set Default OS if unknown (linux,bsd,macos,windows)
-v, --verbose
    prints out OS, frag, stream and confidence of asset
-h, --help
    this help message
--version
    show prads2snort.pl version
PROBLEMS
1. Better mapping of less used apps to their correct snort attributes or drop them.
SEE ALSO
o PRADS <http://prads.projects.linpro.no/>
o p0f <http://lcamtuf.coredump.cx/p0f.shtml>
o PADS <http://passive.sourceforge.net/>
o Snort <http://snort.org>
o Sguil <http://sguil.net>
o Hogger <http://code.google.com/p/hogger/>
BUGS
Report bugs here:
o http://github.com/gamelinux/prads/issues
For general questions:
o http://projects.linpro.no/mailman/listinfo/prads-devel
o http://projects.linpro.no/mailman/listinfo/prads-users
AUTHOR
edwardfjellskaal@gmail.com
COPYRIGHT
GPL
0.2 2010-06-21 PRADS2SNORT(1)