Title Image

What Is Passive Fingerprinting?

What Is Passive Fingerprinting?

Passive fingerprinting is a way to guard your system by finding out information about remote systems without them knowing. Every operating system (OS) has its own fingerprint that is determined by its unique TCP/IP stack. Each OS responds differently to malformed packages. This response can then be compared to a database of responses to determine the OS. Both active fingerprinting and passive fingerprinting follow these same steps to learn about the enemy. So, what’s the difference between active and passive fingerprinting?

Active fingerprinting might generate traffic between your system and the invading system. Passive fingerprinting allows you to stealthily identify the other system using packet sniffing. No new packets are generated that could be sent to the remote system so nothing can be detected. A popular packet sniffing tool is called nmap.

Four things on the packet to determine OS

There are four things in the packet that could help determine the remote OS.

  • TTL- a timer value included in packets sent over networks that tells the recipient how long to hold or use the packet before discarding and expiring the data (packet)
  • Window Size
  • DF – the amount of free space in the file system
  • TOS – type of service to determine packet prioritization

These values are not 100 percent reliable but they do provide enough information to begin. These values can be changed by the remote host so no single value is an indicator of the remote OS; however, after analyzing enough packets with consistent data, compared against a database, you can reliably assess the remote OS quite accurately.
These four are not the only values to assess. There are other signatures to look at to make an accurate determination. A good source database will include the testing value from several systems using Telnet, FTP, HTTP, and SSH protocols.

Coming Soon!

The New Private Eyes Platform.

Background Checks | LegacyLender Solutions | Login

For any questions contact us at (925) 927-3333.

Site Security Notification

 

Use the buttons below to continue your login.

For SITE SECURITY purposes and to ensure that this service remains available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

NOTICE: We will not obtain personally-identifying information about you when you visit our site unless you choose to provide such information to us.

Point of Contact for Security and Monitoring: Frank Santa Elena email: security@pebackgroundchecks.com Information Systems Security Officer (ISSO) for www.privateeyesbackgroundchecks.com phone (925) 927-3333.

For any questions contact us at (925) 927-3333.

Find the Right Lender Solution

Fill out the information below and we will contact you or call us at 925-927-3333



First Name*
Last Name*
Email*
Phone*
Company*
Street
City
State
Zip Code
Number of Employees
Where did you hear about Private Eyes?

Find the Right Background Screening Solution

Fill out the information below and we will contact you or call us at 925-927-3333.



First Name*
Last Name*
Email*
Phone*
Company*
Street
City
State
Zip Code
Number of Employees
Where did you hear about Private Eyes?

Candidate Assistance

If Private Eyes is running your background check, please contact our Customer Service department. A person on our team will be more than happy to assist you

Email: CSS@pebackgroundchecks.com
Call: (925) 927-3333

Private Eyes Customer Assistance

If you are a current customer, please contact our Customer Service department. A person on our team will be more than happy to assist you.

Email: CSS@pebackgroundchecks.com
Call: (925) 927-3333