Which technique allows remotely determining the target's operating system by analyzing network packets?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple-choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which technique allows remotely determining the target's operating system by analyzing network packets?

Explanation:
OS fingerprinting is the technique that lets you determine the remote operating system by analyzing how the target responds to network traffic. Different operating systems implement the TCP/IP stack in slightly different ways, so the packets they send in reply carry distinctive signatures: TTL values, IP identification sequences, window sizes, TCP options (like MSS or SACK), and how they respond to unusual or crafted probes. By sending a controlled set of probes or by observing existing traffic and matching the observed patterns against known fingerprints, you can infer the likely OS without direct access. This capability is fundamental for tailoring exploits or defenses in a penetration test.

Port scanning focuses on which ports are open and what services might be running, not on deducing the OS from packet behavior. DNS hijacking is about redirecting name resolution, not OS identification. Brute force tries passwords or keys; it does not fingerprint a remote OS.

