Active operating system fingerprinting is the process of actively determining a target network system’s underlying operating system type and characteristics by probing the target system network stack with specifically crafted packets and analyzing received response. Identifying the underlying operating system of a network host is an important characteristic that can be used to complement network inventory processes, intrusion detection system discovery mechanisms, security network scanners, vulnerability analysis systems and other security tools that need to evaluate vulnerabilities on remote network systems. During recent years there was a number of publications featuring techniques that aim to confuse or defeat remote network fingerprinting probes. In this paper we present a new version Xprobe2, the network mapping and active operating system fingerprinting tool with improved probing process, which deals with most of the defeating techniques, discussed in recent literature.
Fedor V. Yarochkin, Ofir Arkin, Meder Kydyraliev,