In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and responses, and receives hints about the remote OS with the help of the following parameters:

* TTL values: This is Time To Live Value for any packet sent by any host.
* The window size: For many operating systems, the initial window size value is fixed.
* Don’t Fragment bit (DF): Some operating systems keep the DF bit on, and some do not.
* Type of service: The type of service value varies from OS to OS.

When an attacker identifies these values from sniffer’s logs, he matches them with his database of known signatures of operating systems and receives a clue about which OS is running on the remote computer.

Explore More

Critical XSS Vulnerability in Irrawaddy News Magazine http://www.irrawaddy.org

PlanetCreator has reported another critical XSS vulnerability on http://www.irrawaddy.org owned by Irrawaddy Publishing Group These are some information from Vulneral Site http://www.irrawaddy.org Cross-site scripting (XSS) is a type of computer

Critical SQL Injection in Enjoy (http://www.enjoy.net.mm)

PlanetCreator reported another critical SQL injection (vulnerability) on several sites of Enjoy (http://www.enjoy.net.mm) SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer

What are the various features of snort?

Snort has the following features: * It detects threats, such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors