• Corpus ID: 25617853

Service-Fingerprinting mittels Fuzzing

  title={Service-Fingerprinting mittels Fuzzing},
  author={Michael Hanspach and R. Schumann and S. Schemmer and Sebastian Vandersee},
Service fingerprinting (i.e. the identification of network services and other applications on computing systems) is an essential part of penetration tests. The main contribution of this paper is a study on the improvement of fingerprinting tools. By applying mutation-based fuzzing as a fingerprint generation method, subtle differences in response messages can be identified. These differences in response messages provide means for the differentiation and identification of network services. To… 

Topics from this paper


Toward Undetected Operating System Fingerprinting
This work makes use of an information-theoretic measure of test quality to evaluate fingerprinting probes and uses this evaluation to derive effective probe combinations that minimize probe packets.
Fig: Automatic Fingerprint Generation
Results show that such an automatic process can generate accurate fingerprints that classify each piece of software into its proper class and that the search space for query exploration remains largely unexploited, with many new such queries awaiting discovery.
Using Neural Networks to improve classical Operating System Fingerprinting techniques
Two working modules are presented: one which uses DCE-RPC endpoints to distinguish Windows versions, and another which uses Nmap signatures to distinguish dierent version of Windows, Linux, Solaris, OpenBSD, FreeBSD and NetBSD systems.
Passive Operating System Identification From TCP / IP Packet Headers *
Accurate operating system (OS) identification by passive network traffic analysis can continuously update less-frequent active network scans and help interpret alerts from intrusion detection
A Hybrid Approach to Operating System Discovery using Answer Set Programming
The goal of operating system (OS) discovery is to learn which OS is running on a distant computer. There are two main strategies for OS discovery: active and passive. Each of them has advantages as