There are two common methods of performing system fingerprinting: active and passive scanning.
The more common active methods use responses sent to TCP or ICMP packets. The TCP fingerprinting process involves setting flags in the header that different operating systems and versions respond to differently. Usually several different TCP packets are sent and the responses are compared to known baselines (or fingerprints) to determine the remote OS.
For stealthy detection, there’s the option of passive fingerprinting. Unlike the active method, this style of fingerprinting does not send any packets, but relies on sniffing techniques to analyze the information sent in normal network traffic. This way there are no deliberate changes or actions against the network.
Passive OS Fingerprinting is a more stealth, but far slower process and usually less accurate than a targeted active fingerprinting session.
This type of software is often used for a variety of activities including, but not limited to, reconnaissance during penetration tests, routine network monitoring, detection of unauthorized network interconnects in corporate environments, providing signals for abuse-prevention tools, and miscellaneous forensics.
Here’s our verdict captured in a legendary LinuxLinks chart. Only free and open source software is included.
Let’s explore the 4 fingerprinting tools at hand. For each title we have compiled its own portal page, a full description with an in-depth analysis of its features, a screenshot of the software in action, together with links to relevant resources.
|Passive OS Fingerprinting|
|PRADS||Passive Real-time Asset Detection System|
|Ettercap||Comprehensive suite for man in the middle attacks|
|p0f||Array of passive traffic fingerprinting mechanisms that are highly scalable|
|PacketFence||Network access control solution with passive DHCP fingerprinting|
Read our complete collection of recommended free and open source software. The collection covers all categories of software.
The software collection forms part of our series of informative articles for Linux enthusiasts. There's tons of in-depth reviews, open source alternatives to proprietary software from large corporations like Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle and Autodesk. There are also fun things to try, hardware, free programming books and tutorials, and much more.