In this post I will give a short tutorial on how to detect which OS a remote machine is running, and how to protect against such detection.
Malicious hackers can use this detection to pick the right tools for attacking their targets.
Everyone should know at least the basics, to be able to prevent the attack and keep their system a bit more secure.
There are not many prerequisites to be able to do this. But the basics are:
1º Having a *nix system
2º Connecting to the Internet
3º Downloading the Xprobe application
First let me talk about the Xprobe application.
Xprobe is a simple tool to perform a fingerprint of a remote server.
The Xprobe application is used to identify the possible operating system (OS) of the target.
An attacker uses this information to launch appropriate attacks for the results obtained.
This is the download link: https://sourceforge.net/projects/xprobe/
This is a sample of the correct procedure for detecting the operating system:
Uncompress, compile, create the Xprobe2 executable and execute it against the target with the syntax:
xprobe2 <options> <target IP address>
From the Linux directory containing the compressed Xprobe file, type
tar -zxvf xprobe2-0.3.tar.gz
The Xprobe files will uncompress and install into a new directory named xprobe2-0.3.
Change to the new directory by typing cd xprobe2-0.3 and pressing Enter.
The Xprobe application needs to be configured for the machine it is currently running on by typing ./configure.
The files will configure for the machine they are currently on.
Be patient as this may take a few minutes depending on the computer.
The next step is to type make and press Enter.
The make command will execute.
The last step prior to execution is to install the Xprobe application by typing:
make install
The Xprobe application will now install.
In this example to execute Xprobe against a target, type:
xprobe2 172.16.1.4078
The results of the Xprobe application will be listed.
From the results of this example:
The primary guess is the target is running Microsoft Windows XP
The other guesses include:
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows 2000 Server Service Pack 3
Microsoft Windows 2000 Server Service Pack 2
Microsoft Windows 2000 Server Service Pack 1
Microsoft Windows XP SP1
Microsoft Windows 2000 Workstation Service Pack 4
Microsoft Windows 2000 Workstation Service Pack 4
Microsoft Windows 2000 Workstation Service Pack 4
Microsoft Windows 2000 Workstation Service Pack 4
In this example, the primary guess of Xprobe2 was incorrect as the target
was actually Microsoft Windows 2000 Server with no updates or service packs
installed.
*Note: Even though Xprobe2 misidentified the target, it is possible that Xprobe has
identified the host computer, which in this case is Microsoft Windows XP.
Even so, Xprobe2 did identify that the target was Microsoft Windows in origin.
And that is how to detect the operating system :)
Now, the countermeasures to prevent someone from detecting the operating system are these:
Countermeasures: use an IDS to detect UDP traffic to port 32132, and deny ICMP requests/replies.
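The IDS countermeasure above, sketched as an added example that is not part of the original post: it flags any source that sends UDP to port 32132 and lists the ICMP requests that source sent to the same host around the same time. The log lines are constructed in the style of `tcpdump -n -tt` output, and the 10-second correlation window is an assumption.

```python
import re
from collections import defaultdict

PROBE_PORT = 32132  # UDP port named in the countermeasure above
WINDOW = 10.0       # assumption: seconds within which ICMP and UDP are correlated

# Constructed sample traffic, written in the style of `tcpdump -n -tt` output.
SAMPLE = """\
1700000000.100000 IP 198.51.100.7 > 192.0.2.10: ICMP echo request, id 1, seq 1, length 64
1700000000.150000 IP 192.0.2.10 > 198.51.100.7: ICMP echo reply, id 1, seq 1, length 64
1700000000.200000 IP 198.51.100.7 > 192.0.2.10: ICMP time stamp query id 1 seq 0, length 20
1700000000.300000 IP 198.51.100.7.40000 > 192.0.2.10.32132: UDP, length 70
1700000050.000000 IP 203.0.113.5 > 192.0.2.10: ICMP echo request, id 2, seq 1, length 64
1700000060.000000 IP 192.0.2.20.5000 > 192.0.2.10.9999: UDP, length 40
1700000090.000000 IP 203.0.113.9.41000 > 192.0.2.10.32132: UDP, length 70
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
UDP_RE = re.compile(rf"^(\d+\.\d+) IP {IP}\.\d+ > {IP}\.(\d+): UDP")
ICMP_RE = re.compile(rf"^(\d+\.\d+) IP {IP} > {IP}: ICMP (.+?) (?:request|query)")

def detect(lines, port=PROBE_PORT, window=WINDOW):
    """Map (src, dst) -> ICMP request kinds seen near a UDP datagram to `port`."""
    udp_hits = []                  # (timestamp, src, dst) for UDP to the watched port
    icmp_seen = defaultdict(list)  # (src, dst) -> [(timestamp, kind)]
    for line in lines:
        m = UDP_RE.match(line)
        if m:
            if int(m.group(4)) == port:
                udp_hits.append((float(m.group(1)), m.group(2), m.group(3)))
            continue
        m = ICMP_RE.match(line)    # replies and errors do not match, only requests
        if m:
            icmp_seen[(m.group(2), m.group(3))].append((float(m.group(1)), m.group(4)))
    alerts = {}
    for ts, src, dst in udp_hits:
        near = {k for t, k in icmp_seen[(src, dst)] if abs(t - ts) <= window}
        # UDP to the watched port alerts on its own; nearby ICMP adds confidence.
        alerts.setdefault((src, dst), set()).update(near)
    return {pair: sorted(kinds) for pair, kinds in alerts.items()}

if __name__ == "__main__":
    for (src, dst), kinds in detect(SAMPLE.splitlines()).items():
        print(f"ALERT {src} -> {dst}: UDP/{PROBE_PORT}, ICMP requests nearby: {kinds or 'none'}")
```

A lone ping (203.0.113.5 in the sample) raises no alert, while a datagram to port 32132 does even without accompanying ICMP.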
I hope this text clarified some of your doubts. If there is any other subject you want to know more about, just drop me a comment.
I am a newbie, and I am in deepshit. Thanks to the lies and so forth of our regular system. I am now contemplating suicide, I am going through withdrawals, and taking a handful of doctors with me. I will try to use your information to get to the darkweb, and hopefully get some relief from these WDs. Thank you for your informative post.
Jayme Silvestri