In passive OS fingerprinting, an attacker installs a sniffer on any third party such as a router on which the victim communicates frequently. Now he studies the sniffer’s log and responses, and receives hints about the remote OS with the help of the following parameters:

* TTL values: This is Time To Live Value for any packet sent by any host.
* The window size: For many operating systems, the initial window size value is fixed.
* Don’t Fragment bit (DF): Some operating systems keep the DF bit on, and some do not.
* Type of service: The type of service value varies from OS to OS.

When an attacker identifies these values from sniffer’s logs, he matches them with his database of known signatures of operating systems and receives a clue about which OS is running on the remote computer.

Explore More

Infection via HTML

Edit the code on what and how you need it, and yes this is detectable  in many cases, but you could insert a small FUD downloader to be  downloaded via

Read More

Security Alert to www.mtv.co.kr, MySQL Injection

Hi, http://www.mtv.co.kr Webmaster This is PlanetCreator’s Security Te@am & Hackers Group, PlanetCreator has reported Critical SQL Injection vulnerability on http://www.mtv.co.kr/ Website. Informed to [email protected] Some of your Web’s Data Information

Read More

Error Messages

Error Messages Overview Think about these questions. * Why are Error Conditions and Error Messages a security problem? * What’s wrong with error conditions? * Wouldn’t an administrator want the

Read More