« back to all changes in this revision
Viewing changes to etc/xprobe2.conf
- browse files at revision 3
- compare with another revision
- download diff
- download tarball
- view history from revision 3
- Committer: Bazaar Package Importer
- Author(s): Richard Atterer
- Date: 2005-02-22 22:54:24 UTC
- mfrom: (1.2.1 upstream) (2.1.2 hoary)
- Revision ID: james.westby@ubuntu.com-20050222225424-6cqy8rr45pkna819
Tags: 0.2.2-1
New upstream version
- files added:
- CHANGELOG
- docs
- etc
- libs-external
- libs-external/USI++
- libs-external/USI++/data
- libs-external/USI++/fix
- libs-external/USI++/samples
- libs-external/USI++/src
- libs-external/USI++/src/cfgaux
- libs-external/USI++/usi++
- src
- src/xplib
- src/xpmodules
- src/xpmodules/alive_probe
- src/xpmodules/alive_probe/portscanner
- src/xpmodules/alive_probe/ttl_calc
- src/xpmodules/modules_proto
- src/xpmodules/os_probe
- src/xpmodules/os_probe/icmp_addrmask
- src/xpmodules/os_probe/icmp_echo_id
- src/xpmodules/os_probe/icmp_inforeq
- src/xpmodules/os_probe/icmp_port_unreach
- src/xpmodules/os_probe/icmp_timestamp
- src/xpmodules/os_probe/tcp_handshake
- src/xpmodules/os_probe/tcp_rst
- files removed:
- Changelog
- files modified:
- AUTHORS
- TODO *
added
removed
etc/xprobe2.conf
1
#Xprobe2 Fingerprinting Database
2
#
3
#Last Modified: 15 February 2005
4
#
5
#$Id:
6
#
7
#Contributions are welcomed
8
#
9
#
10
#The fingerprinting database is (c) 2000-2005 by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev
11
#The database is available for free use by open source software under the terms of
12
#the GNU General Public License.
13
#
14
#For commercial usage please contact: ofir@sys-security.com
15
#
16
#
17
#
18
#Generic Section
19
20
generic {
21
timeout = 2
22
}
23
24
#Fingerprints
25
#
26
#For corrections & submission of signatures please email
27
#ofir@sys-security.com
28
#
29
#
30
#Example entry
31
#
32
#fingerprint {
33
# OS_ID = "My OS"
34
# #Entry inserted to the database by: Moderator's name (email)
35
# #Entry contributed by: Contributer's name (email)
36
# #Date: Date entered into database
37
# #Modified: Date Modified
38
#
39
# #Module A [ICMP ECHO Probe]
40
# icmp_echo_reply = [y, n]
41
# icmp_echo_code = [0, !0]
42
# icmp_echo_ip_id = [0, !0, SENT]
43
# icmp_echo_tos_bits = [0, !0]
44
# icmp_echo_df_bit = [0, 1]
45
# icmp_echo_reply_ttl = [>< decimal num]
46
#
47
# #Module B [ICMP Timestamp Probe]
48
# icmp_timestamp_reply = [y, n]
49
# icmp_timestamp_reply_ttl = [>< decimal num]
50
# icmp_timestamp_reply_ip_id = [0, !0, SENT]
51
#
52
# #Module C [ICMP Address Mask Request Probe]
53
# icmp_addrmask_reply = [y, n]
54
# icmp_addrmask_reply_ttl = [>< decimal num]
55
# icmp_addrmask_reply_ip_id = [0, !0, SENT]
56
#
57
# #Module D [ICMP Information Request Probe]
58
# icmp_info_reply = [y, n]
59
# icmp_info_reply_ttl = [>< decimal num]
60
# icmp_info_reply_ip_id = [0, !0, SENT]
61
#
62
# #Module E [UDP -> ICMP Unreachable probe]
63
# #IP_Header_of_the_UDP_Port_Unreachable_error_message
64
# icmp_unreach_reply = [y, n]
65
# icmp_unreach_echoed_dtsize = [8, 64, >64]
66
# icmp_unreach_reply_ttl = [>< decimal num]
67
# icmp_unreach_precedence_bits = 0xc0, 0, (hex num)
68
# icmp_unreach_df_bit = [0 , 1 ]
69
# icmp_unreach_ip_id = [0, !0, SENT]
70
#
71
# #Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
72
# icmp_unreach_echoed_udp_cksum = [0, OK, BAD]
73
# icmp_unreach_echoed_ip_cksum = [0, OK, BAD]
74
# icmp_unreach_echoed_ip_id = [OK, FLIPPED]
75
# icmp_unreach_echoed_total_len = [>20, OK, <20]
76
# icmp_unreach_echoed_3bit_flags = [OK, FLIPPED]
77
#
78
# #Module F [TCP SYN | ACK Module]
79
# #IP header of the TCP SYN ACK
80
# tcp_syn_ack_tos = [0, <value>]
81
# tcp_syn_ack_df = [0 , 1 ]
82
# tcp_syn_ack_ip_id = [0 , !0, SENT ]
83
# tcp_syn_ack_ttl = [>< decimal num]
84
#
85
# #Information from the TCP header
86
# tcp_syn_ack_ack = [<value>]
87
# tcp_syn_ack_window_size = [<value>]
88
# tcp_syn_ack_options_order = ["order"]
89
# tcp_syn_ack_wscale = [<value>, NONE]
90
# tcp_syn_ack_tsval = [0, !0, NONE]
91
# tcp_syn_ack_tsecr = [0, !0, NONE]
92
#
93
# #Module G [TCP RST|ACK]
94
# tcp_rst_reply = [y ,n]
95
# tcp_rst_df = [0, 1]
96
# tcp_rst_ip_id_1 = [0, !0]
97
# tcp_rst_ip_id_2 = [0, !0]
98
# tcp_rst_ip_id_strategy = [0, I, R]
99
# tcp_rst_ttl = [>< decimal num]
100
#
101
#}
102
103
#AIX
104
105
fingerprint {
106
OS_ID = "AIX 5.1"
107
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
108
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
109
#Date: 14 July 2003
110
#Modified: 14 July 2003
111
112
#Module A [ICMP ECHO Probe]
113
icmp_echo_reply = y
114
icmp_echo_code = !0
115
icmp_echo_ip_id = !0
116
icmp_echo_tos_bits = !0
117
icmp_echo_df_bit = 1
118
icmp_echo_reply_ttl = <255
119
120
#Module B [ICMP Timestamp Probe]
121
icmp_timestamp_reply = y
122
icmp_timestamp_reply_ttl = <255
123
icmp_timestamp_reply_ip_id = !0
124
125
#Module C [ICMP Address Mask Request Probe]
126
icmp_addrmask_reply = n
127
icmp_addrmask_reply_ttl = <255
128
icmp_addrmask_reply_ip_id = !0
129
130
#Module D [ICMP Information Request Probe]
131
icmp_info_reply = y
132
icmp_info_reply_ttl = <255
133
icmp_info_reply_ip_id = !0
134
135
#Module E [UDP -> ICMP Unreachable probe]
136
#IP_Header_of_the_UDP_Port_Unreachable_error_message
137
icmp_unreach_reply = y
138
icmp_unreach_echoed_dtsize = 8
139
icmp_unreach_reply_ttl = <255
140
icmp_unreach_precedence_bits = 0
141
icmp_unreach_df_bit = 1
142
icmp_unreach_ip_id = !0
143
144
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
145
icmp_unreach_echoed_udp_cksum = 0
146
icmp_unreach_echoed_ip_cksum = BAD
147
icmp_unreach_echoed_ip_id = OK
148
icmp_unreach_echoed_total_len = >20
149
icmp_unreach_echoed_3bit_flags = OK
150
151
#Module F [TCP SYN | ACK Module]
152
#IP header of the TCP SYN ACK
153
tcp_syn_ack_tos = 0
154
tcp_syn_ack_df = 0
155
tcp_syn_ack_ip_id = !0
156
tcp_syn_ack_ttl = <60
157
158
#Information from the TCP header
159
tcp_syn_ack_ack = 1
160
tcp_syn_ack_window_size = 17520
161
tcp_syn_ack_options_order = "MSS"
162
tcp_syn_ack_wscale = NONE
163
tcp_syn_ack_tsval = NONE
164
tcp_syn_ack_tsecr = NONE
165
166
#Module G
167
tcp_rst_reply = y
168
tcp_rst_df = 0
169
tcp_rst_ip_id_1 = !0
170
tcp_rst_ip_id_2 = !0
171
tcp_rst_ip_id_strategy = I
172
tcp_rst_ttl = <60
173
}
174
175
fingerprint {
176
OS_ID = "AIX 4.3.3"
177
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
178
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
179
#Date: 14 July 2003
180
#Modified: 14 July 2003
181
182
#Module A [ICMP ECHO Probe]
183
icmp_echo_reply = y
184
185
icmp_echo_code = !0
186
icmp_echo_ip_id = !0
187
icmp_echo_tos_bits = !0
188
icmp_echo_df_bit = 1
189
icmp_echo_reply_ttl = <255
190
191
#Module B [ICMP Timestamp Probe]
192
icmp_timestamp_reply = y
193
icmp_timestamp_reply_ttl = <255
194
icmp_timestamp_reply_ip_id = !0
195
196
#Module C [ICMP Address Mask Request Probe]
197
icmp_addrmask_reply = n
198
icmp_addrmask_reply_ttl = <255
199
icmp_addrmask_reply_ip_id = !0
200
201
#Module D [ICMP Information Request Probe]
202
icmp_info_reply = y
203
icmp_info_reply_ttl = <255
204
icmp_info_reply_ip_id = !0
205
206
#Module E [UDP -> ICMP Unreachable probe]
207
#IP_Header_of_the_UDP_Port_Unreachable_error_message
208
icmp_unreach_reply = y
209
icmp_unreach_echoed_dtsize = 8
210
icmp_unreach_reply_ttl = <255
211
icmp_unreach_precedence_bits = 0
212
icmp_unreach_df_bit = 1
213
icmp_unreach_ip_id = !0
214
215
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
216
icmp_unreach_echoed_udp_cksum = 0
217
icmp_unreach_echoed_ip_cksum = BAD
218
icmp_unreach_echoed_ip_id = OK
219
icmp_unreach_echoed_total_len = >20
220
icmp_unreach_echoed_3bit_flags = OK
221
222
#Module F [TCP SYN | ACK Module]
223
#IP header of the TCP SYN ACK
224
tcp_syn_ack_tos = 0
225
tcp_syn_ack_df = 0
226
tcp_syn_ack_ip_id = !0
227
tcp_syn_ack_ttl = <60
228
229
#Information from the TCP header
230
tcp_syn_ack_ack = 1
231
tcp_syn_ack_window_size = 16060
232
tcp_syn_ack_options_order = "MSS"
233
tcp_syn_ack_wscale = NONE
234
tcp_syn_ack_tsval = NONE
235
tcp_syn_ack_tsecr = NONE
236
237
#Module G
238
tcp_rst_reply = y
239
tcp_rst_df = 0
240
tcp_rst_ip_id_1 = !0
241
tcp_rst_ip_id_2 = !0
242
tcp_rst_ip_id_strategy = I
243
tcp_rst_ttl = <60
244
245
}
246
247
248
#Cisco Systems
249
250
fingerprint {
251
OS_ID = "Cisco IOS 12.3"
252
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
253
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
254
#Date: 01 February 2005
255
#Modified: -
256
257
#Module A
258
icmp_echo_reply = y
259
260
261
icmp_echo_code = !0
262
icmp_echo_ip_id = SENT
263
icmp_echo_tos_bits = !0
264
icmp_echo_df_bit = 1
265
icmp_echo_reply_ttl = <255
266
267
#Module B
268
icmp_timestamp_reply = y
269
icmp_timestamp_reply_ttl = <255
270
icmp_timestamp_reply_ip_id = SENT
271
272
#Module C
273
icmp_addrmask_reply = n
274
icmp_addrmask_reply_ttl = <255
275
icmp_addrmask_reply_ip_id = SENT
276
277
#Module D
278
icmp_info_reply = y
279
icmp_info_reply_ttl = <255
280
icmp_info_reply_ip_id = SENT
281
282
#Module E
283
#IP_Header_of_the_UDP_Port_Unreachable_error_message
284
icmp_unreach_reply = y
285
icmp_unreach_echoed_dtsize = 8
286
icmp_unreach_reply_ttl = <255
287
icmp_unreach_precedence_bits = 0xc0
288
icmp_unreach_df_bit = 0
289
icmp_unreach_ip_id = !0
290
291
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
292
icmp_unreach_echoed_udp_cksum = OK
293
icmp_unreach_echoed_ip_cksum = OK
294
icmp_unreach_echoed_ip_id = OK
295
icmp_unreach_echoed_total_len = OK
296
icmp_unreach_echoed_3bit_flags = OK
297
298
#Module F
299
#IP header of the TCP SYN | ACK
300
tcp_syn_ack_tos = 0x10
301
tcp_syn_ack_df = 0
302
tcp_syn_ack_ip_id = 0
303
tcp_syn_ack_ttl = <255
304
305
#Information from the TCP header
306
tcp_syn_ack_ack = 1
307
tcp_syn_ack_window_size = 4128
308
tcp_syn_ack_options_order = "MSS"
309
tcp_syn_ack_wscale = NONE
310
tcp_syn_ack_tsval = NONE
311
tcp_syn_ack_tsecr = NONE
312
313
#Module G [TCP RST|ACK]
314
tcp_rst_reply = y
315
tcp_rst_df = 0
316
tcp_rst_ip_id_1 = !0
317
tcp_rst_ip_id_2 = !0
318
tcp_rst_ip_id_strategy = I
319
tcp_rst_ttl = <255
320
}
321
322
fingerprint {
323
OS_ID = "Cisco IOS 12.2"
324
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
325
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
326
#Date: 25 June 2002
327
#Modified: 25 June 2003
328
329
#Module A
330
icmp_echo_reply = y
331
332
333
icmp_echo_code = !0
334
icmp_echo_ip_id = SENT
335
icmp_echo_tos_bits = !0
336
icmp_echo_df_bit = 1
337
icmp_echo_reply_ttl = <255
338
339
#Module B
340
icmp_timestamp_reply = y
341
icmp_timestamp_reply_ttl = <255
342
icmp_timestamp_reply_ip_id = SENT
343
344
#Module C
345
icmp_addrmask_reply = n
346
icmp_addrmask_reply_ttl = <255
347
icmp_addrmask_reply_ip_id = SENT
348
349
#Module D
350
icmp_info_reply = y
351
icmp_info_reply_ttl = <255
352
icmp_info_reply_ip_id = SENT
353
354
#Module E
355
#IP_Header_of_the_UDP_Port_Unreachable_error_message
356
icmp_unreach_reply = y
357
icmp_unreach_echoed_dtsize = 8
358
icmp_unreach_reply_ttl = <255
359
icmp_unreach_precedence_bits = 0xc0
360
icmp_unreach_df_bit = 0
361
icmp_unreach_ip_id = !0
362
363
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
364
icmp_unreach_echoed_udp_cksum = OK
365
icmp_unreach_echoed_ip_cksum = OK
366
icmp_unreach_echoed_ip_id = OK
367
icmp_unreach_echoed_total_len = OK
368
icmp_unreach_echoed_3bit_flags = OK
369
370
#Module F
371
#IP header of the TCP SYN | ACK
372
tcp_syn_ack_tos = 0x10
373
tcp_syn_ack_df = 0
374
tcp_syn_ack_ip_id = 0
375
tcp_syn_ack_ttl = <255
376
377
#Information from the TCP header
378
tcp_syn_ack_ack = 1
379
tcp_syn_ack_window_size = 4128
380
tcp_syn_ack_options_order = "MSS"
381
tcp_syn_ack_wscale = NONE
382
tcp_syn_ack_tsval = NONE
383
tcp_syn_ack_tsecr = NONE
384
385
#Module G [TCP RST|ACK]
386
tcp_rst_reply = y
387
tcp_rst_df = 0
388
tcp_rst_ip_id_1 = !0
389
tcp_rst_ip_id_2 = !0
390
tcp_rst_ip_id_strategy = I
391
tcp_rst_ttl = <255
392
393
}
394
395
fingerprint {
396
OS_ID = "Cisco IOS 12.0"
397
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
398
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
399
#Date: 27 January 2002
400
#Modified: 25 June 2003
401
402
#Module A
403
icmp_echo_reply = y
404
405
406
icmp_echo_code = !0
407
icmp_echo_ip_id = SENT
408
icmp_echo_tos_bits = !0
409
icmp_echo_df_bit = 1
410
icmp_echo_reply_ttl = <255
411
412
#Module B
413
icmp_timestamp_reply = y
414
icmp_timestamp_reply_ttl = <255
415
icmp_timestamp_reply_ip_id = SENT
416
417
#Module C
418
icmp_addrmask_reply = n
419
icmp_addrmask_reply_ttl = <255
420
icmp_addrmask_reply_ip_id = SENT
421
422
#Module D
423
icmp_info_reply = y
424
icmp_info_reply_ttl = <255
425
icmp_info_reply_ip_id = SENT
426
427
#Module E
428
#IP_Header_of_the_UDP_Port_Unreachable_error_message
429
icmp_unreach_reply = y
430
icmp_unreach_echoed_dtsize = 8
431
icmp_unreach_reply_ttl = <255
432
icmp_unreach_precedence_bits = 0xc0
433
icmp_unreach_df_bit = 0
434
icmp_unreach_ip_id = !0
435
436
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
437
icmp_unreach_echoed_udp_cksum = OK
438
icmp_unreach_echoed_ip_cksum = OK
439
icmp_unreach_echoed_ip_id = OK
440
icmp_unreach_echoed_total_len = OK
441
icmp_unreach_echoed_3bit_flags = OK
442
443
#Module F
444
#IP header of the TCP SYN | ACK
445
tcp_syn_ack_tos = 0x10
446
tcp_syn_ack_df = 0
447
tcp_syn_ack_ip_id = 0
448
tcp_syn_ack_ttl = <255
449
450
#Information from the TCP header
451
tcp_syn_ack_ack = 1
452
tcp_syn_ack_window_size = 4128
453
tcp_syn_ack_options_order = "MSS"
454
tcp_syn_ack_wscale = NONE
455
tcp_syn_ack_tsval = NONE
456
tcp_syn_ack_tsecr = NONE
457
458
#Module G [TCP RST|ACK]
459
tcp_rst_reply = y
460
tcp_rst_df = 0
461
tcp_rst_ip_id_1 = !0
462
tcp_rst_ip_id_2 = !0
463
tcp_rst_ip_id_strategy = I
464
tcp_rst_ttl = <255
465
466
467
}
468
469
fingerprint {
470
OS_ID = "Cisco IOS 11.3"
471
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
472
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
473
#Date: 27 January 2002
474
#Modified: 25 June 2003
475
476
#Module A
477
icmp_echo_reply = y
478
479
480
icmp_echo_code = !0
481
icmp_echo_ip_id = SENT
482
icmp_echo_tos_bits = !0
483
icmp_echo_df_bit = 1
484
icmp_echo_reply_ttl = <255
485
486
#Module B
487
icmp_timestamp_reply = y
488
icmp_timestamp_reply_ttl = <255
489
icmp_timestamp_reply_ip_id = SENT
490
491
#Module C
492
icmp_addrmask_reply = n
493
icmp_addrmask_reply_ttl = <255
494
icmp_addrmask_reply_ip_id = SENT
495
496
#Module D
497
icmp_info_reply = y
498
icmp_info_reply_ttl = <255
499
icmp_info_reply_ip_id = SENT
500
501
#Module E
502
#IP_Header_of_the_UDP_Port_Unreachable_error_message
503
icmp_unreach_reply = y
504
icmp_unreach_echoed_dtsize = 8
505
icmp_unreach_reply_ttl = <255
506
icmp_unreach_precedence_bits = 0xc0
507
icmp_unreach_df_bit = 0
508
icmp_unreach_ip_id = !0
509
510
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
511
icmp_unreach_echoed_udp_cksum = OK
512
icmp_unreach_echoed_ip_cksum = OK
513
icmp_unreach_echoed_ip_id = OK
514
icmp_unreach_echoed_total_len = OK
515
icmp_unreach_echoed_3bit_flags = OK
516
517
#Module F
518
#IP header of the TCP SYN | ACK
519
tcp_syn_ack_tos = 0x10
520
tcp_syn_ack_df = 0
521
tcp_syn_ack_ip_id = 0
522
tcp_syn_ack_ttl = <255
523
524
#Information from the TCP header
525
tcp_syn_ack_ack = 1
526
tcp_syn_ack_window_size = 4128
527
tcp_syn_ack_options_order = "MSS"
528
tcp_syn_ack_wscale = NONE
529
tcp_syn_ack_tsval = NONE
530
tcp_syn_ack_tsecr = NONE
531
532
#Module G [TCP RST|ACK]
533
tcp_rst_reply = y
534
tcp_rst_df = 0
535
tcp_rst_ip_id_1 = !0
536
tcp_rst_ip_id_2 = !0
537
tcp_rst_ip_id_strategy = I
538
tcp_rst_ttl = <255
539
540
541
542
}
543
544
fingerprint {
545
OS_ID = "Cisco IOS 11.2"
546
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
547
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
548
#Date: 27 January 2002
549
#Modified: 25 June 2003
550
551
#Module A
552
icmp_echo_reply = y
553
554
555
icmp_echo_code = !0
556
icmp_echo_ip_id = SENT
557
icmp_echo_tos_bits = !0
558
icmp_echo_df_bit = 1
559
icmp_echo_reply_ttl = <255
560
561
#Module B
562
icmp_timestamp_reply = y
563
icmp_timestamp_reply_ttl = <255
564
icmp_timestamp_reply_ip_id = SENT
565
566
#Module C
567
icmp_addrmask_reply = n
568
icmp_addrmask_reply_ttl = <255
569
icmp_addrmask_reply_ip_id = SENT
570
571
#Module D
572
icmp_info_reply = y
573
icmp_info_reply_ttl = <255
574
icmp_info_reply_ip_id = SENT
575
576
#Module E
577
#IP_Header_of_the_UDP_Port_Unreachable_error_message
578
icmp_unreach_reply = y
579
icmp_unreach_echoed_dtsize = 8
580
icmp_unreach_reply_ttl = <255
581
icmp_unreach_precedence_bits = 0
582
icmp_unreach_df_bit = 0
583
icmp_unreach_ip_id = !0
584
585
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
586
icmp_unreach_echoed_udp_cksum = OK
587
icmp_unreach_echoed_ip_cksum = OK
588
icmp_unreach_echoed_ip_id = OK
589
icmp_unreach_echoed_total_len = OK
590
icmp_unreach_echoed_3bit_flags = OK
591
592
#Module F
593
#IP header of the TCP SYN | ACK
594
tcp_syn_ack_tos = 0
595
tcp_syn_ack_df = 0
596
tcp_syn_ack_ip_id = 0
597
tcp_syn_ack_ttl = <255
598
599
#Information from the TCP header
600
tcp_syn_ack_ack = 1
601
tcp_syn_ack_window_size = 2144
602
tcp_syn_ack_options_order = "MSS"
603
tcp_syn_ack_wscale = NONE
604
tcp_syn_ack_tsval = NONE
605
tcp_syn_ack_tsecr = NONE
606
607
#Module G [TCP RST|ACK]
608
tcp_rst_reply = y
609
tcp_rst_df = 0
610
tcp_rst_ip_id_1 = !0
611
tcp_rst_ip_id_2 = !0
612
tcp_rst_ip_id_strategy = I
613
tcp_rst_ttl = <255
614
615
616
617
618
}
619
620
fingerprint {
621
OS_ID = "Cisco IOS 11.1"
622
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
623
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
624
#Date: 27 January 2002
625
#Modified: 25 June 2003
626
627
#Module A
628
icmp_echo_reply = y
629
630
631
icmp_echo_code = !0
632
icmp_echo_ip_id = SENT
633
icmp_echo_tos_bits = !0
634
icmp_echo_df_bit = 1
635
icmp_echo_reply_ttl = <255
636
637
#Module B
638
icmp_timestamp_reply = y
639
icmp_timestamp_reply_ttl = <255
640
icmp_timestamp_reply_ip_id = SENT
641
642
#Module C
643
icmp_addrmask_reply = n
644
icmp_addrmask_reply_ttl = <255
645
icmp_addrmask_reply_ip_id = SENT
646
647
#Module D
648
icmp_info_reply = y
649
icmp_info_reply_ttl = <255
650
icmp_info_reply_ip_id = SENT
651
652
#Module E
653
#IP_Header_of_the_UDP_Port_Unreachable_error_message
654
icmp_unreach_reply = y
655
icmp_unreach_echoed_dtsize = 8
656
icmp_unreach_reply_ttl = <255
657
icmp_unreach_precedence_bits = 0
658
icmp_unreach_df_bit = 0
659
icmp_unreach_ip_id = !0
660
661
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
662
icmp_unreach_echoed_udp_cksum = OK
663
icmp_unreach_echoed_ip_cksum = OK
664
icmp_unreach_echoed_ip_id = OK
665
icmp_unreach_echoed_total_len = OK
666
icmp_unreach_echoed_3bit_flags = OK
667
668
#Module F
669
#IP header of the TCP SYN | ACK
670
tcp_syn_ack_tos = 0
671
tcp_syn_ack_df = 0
672
tcp_syn_ack_ip_id = 0
673
tcp_syn_ack_ttl = <255
674
675
#Information from the TCP header
676
tcp_syn_ack_ack = 1
677
tcp_syn_ack_window_size = 2144
678
tcp_syn_ack_options_order = "MSS"
679
tcp_syn_ack_wscale = NONE
680
tcp_syn_ack_tsval = NONE
681
tcp_syn_ack_tsecr = NONE
682
683
#Module G [TCP RST|ACK]
684
tcp_rst_reply = y
685
tcp_rst_df = 0
686
tcp_rst_ip_id_1 = !0
687
tcp_rst_ip_id_2 = !0
688
tcp_rst_ip_id_strategy = I
689
tcp_rst_ttl = <255
690
691
692
693
694
}
695
696
697
#Foundry Networks
698
699
fingerprint {
700
OS_ID = "Foundry Networks IronWare Version 03.0.01eTc1"
701
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
702
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
703
#Date: 12 February 2005
704
#Modified: -
705
706
#Module A [ICMP ECHO Probe]
707
icmp_echo_reply = y
708
709
710
icmp_echo_code = !0
711
icmp_echo_ip_id = !0
712
icmp_echo_tos_bits = !0
713
icmp_echo_df_bit = 0
714
icmp_echo_reply_ttl = <64
715
716
#Module B [ICMP Timestamp Probe]
717
icmp_timestamp_reply = n
718
icmp_timestamp_reply_ttl = <64
719
icmp_timestamp_reply_ip_id = !0
720
721
#Module C [ICMP Address Mask Request Probe]
722
icmp_addrmask_reply = n
723
icmp_addrmask_reply_ttl = <64
724
icmp_addrmask_reply_ip_id = !0
725
726
#Module D [ICMP Information Request Probe]
727
icmp_info_reply = n
728
icmp_info_reply_ttl = <64
729
icmp_info_reply_ip_id = !0
730
731
#Module E [UDP -> ICMP Unreachable probe]
732
#IP_Header_of_the_UDP_Port_Unreachable_error_message
733
icmp_unreach_reply = y
734
icmp_unreach_echoed_dtsize = 20
735
icmp_unreach_reply_ttl = <64
736
icmp_unreach_precedence_bits = 0
737
icmp_unreach_df_bit = 0
738
icmp_unreach_ip_id = !0
739
740
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
741
icmp_unreach_echoed_udp_cksum = OK
742
icmp_unreach_echoed_ip_cksum = OK
743
icmp_unreach_echoed_ip_id = OK
744
icmp_unreach_echoed_total_len = OK
745
icmp_unreach_echoed_3bit_flags = OK
746
747
#Module F [TCP SYN | ACK Module]
748
#IP header of the TCP SYN ACK
749
tcp_syn_ack_tos = 0
750
tcp_syn_ack_df = 0
751
tcp_syn_ack_ip_id = !0
752
tcp_syn_ack_ttl = <64
753
754
#Information from the TCP header
755
tcp_syn_ack_ack = 1
756
tcp_syn_ack_window_size = 16384
757
tcp_syn_ack_options_order = "MSS"
758
tcp_syn_ack_wscale = NONE
759
tcp_syn_ack_tsval = NONE
760
tcp_syn_ack_tsecr = NONE
761
762
#Module G [TCP RST|ACK]
763
tcp_rst_reply = y
764
tcp_rst_df = 1
765
tcp_rst_ip_id_1 = !0
766
tcp_rst_ip_id_2 = !0
767
tcp_rst_ip_id_strategy = I
768
tcp_rst_ttl = <64
769
}
770
771
772
fingerprint {
773
OS_ID = "Foundry Networks IronWare Version 07.5.04T53"
774
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
775
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
776
#Date: 14 July 2003
777
#Modified: 14 July 2003
778
779
#Module A [ICMP ECHO Probe]
780
icmp_echo_reply = y
781
782
783
icmp_echo_code = !0
784
icmp_echo_ip_id = !0
785
icmp_echo_tos_bits = !0
786
icmp_echo_df_bit = 0
787
icmp_echo_reply_ttl = <64
788
789
#Module B [ICMP Timestamp Probe]
790
icmp_timestamp_reply = n
791
icmp_timestamp_reply_ttl = <64
792
icmp_timestamp_reply_ip_id = !0
793
794
#Module C [ICMP Address Mask Request Probe]
795
icmp_addrmask_reply = y
796
icmp_addrmask_reply_ttl = <64
797
icmp_addrmask_reply_ip_id = !0
798
799
#Module D [ICMP Information Request Probe]
800
icmp_info_reply = n
801
icmp_info_reply_ttl = <64
802
icmp_info_reply_ip_id = !0
803
804
#Module E [UDP -> ICMP Unreachable probe]
805
#IP_Header_of_the_UDP_Port_Unreachable_error_message
806
icmp_unreach_reply = y
807
icmp_unreach_echoed_dtsize = 8
808
icmp_unreach_reply_ttl = <64
809
icmp_unreach_precedence_bits = 0
810
icmp_unreach_df_bit = 0
811
icmp_unreach_ip_id = !0
812
813
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
814
icmp_unreach_echoed_udp_cksum = OK
815
icmp_unreach_echoed_ip_cksum = OK
816
icmp_unreach_echoed_ip_id = OK
817
icmp_unreach_echoed_total_len = OK
818
icmp_unreach_echoed_3bit_flags = OK
819
820
#Module F [TCP SYN | ACK Module]
821
#IP header of the TCP SYN ACK
822
tcp_syn_ack_tos = 0
823
tcp_syn_ack_df = 0
824
tcp_syn_ack_ip_id = !0
825
tcp_syn_ack_ttl = <64
826
827
#Information from the TCP header
828
tcp_syn_ack_ack = 1
829
tcp_syn_ack_window_size = 16384
830
tcp_syn_ack_options_order = "MSS"
831
tcp_syn_ack_wscale = NONE
832
tcp_syn_ack_tsval = NONE
833
tcp_syn_ack_tsecr = NONE
834
835
#Module G [TCP RST|ACK]
836
tcp_rst_reply = y
837
tcp_rst_df = 1
838
tcp_rst_ip_id_1 = !0
839
tcp_rst_ip_id_2 = !0
840
tcp_rst_ip_id_strategy = I
841
tcp_rst_ttl = <64
842
}
843
844
845
fingerprint {
846
OS_ID = "Foundry Networks IronWare Version 07.5.05KT53"
847
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
848
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
849
#Date: 14 July 2003
850
#Modified: 14 July 2003
851
852
#Module A [ICMP ECHO Probe]
853
icmp_echo_reply = y
854
855
856
icmp_echo_code = !0
857
icmp_echo_ip_id = !0
858
icmp_echo_tos_bits = !0
859
icmp_echo_df_bit = 0
860
icmp_echo_reply_ttl = <64
861
862
#Module B [ICMP Timestamp Probe]
863
icmp_timestamp_reply = n
864
icmp_timestamp_reply_ttl = <64
865
icmp_timestamp_reply_ip_id = !0
866
867
#Module C [ICMP Address Mask Request Probe]
868
icmp_addrmask_reply = y
869
icmp_addrmask_reply_ttl = <64
870
icmp_addrmask_reply_ip_id = !0
871
872
#Module D [ICMP Information Request Probe]
873
icmp_info_reply = n
874
icmp_info_reply_ttl = <64
875
icmp_info_reply_ip_id = !0
876
877
#Module E [UDP -> ICMP Unreachable probe]
878
#IP_Header_of_the_UDP_Port_Unreachable_error_message
879
icmp_unreach_reply = y
880
icmp_unreach_echoed_dtsize = 8
881
icmp_unreach_reply_ttl = <64
882
icmp_unreach_precedence_bits = 0
883
icmp_unreach_df_bit = 0
884
icmp_unreach_ip_id = !0
885
886
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
887
icmp_unreach_echoed_udp_cksum = OK
888
icmp_unreach_echoed_ip_cksum = OK
889
icmp_unreach_echoed_ip_id = OK
890
icmp_unreach_echoed_total_len = OK
891
icmp_unreach_echoed_3bit_flags = OK
892
893
#Module F [TCP SYN | ACK Module]
894
#IP header of the TCP SYN ACK
895
tcp_syn_ack_tos = 0
896
tcp_syn_ack_df = 0
897
tcp_syn_ack_ip_id = !0
898
tcp_syn_ack_ttl = <64
899
900
#Information from the TCP header
901
tcp_syn_ack_ack = 1
902
tcp_syn_ack_window_size = 16384
903
tcp_syn_ack_options_order = "MSS"
904
tcp_syn_ack_wscale = NONE
905
tcp_syn_ack_tsval = NONE
906
tcp_syn_ack_tsecr = NONE
907
908
#Module G [TCP RST|ACK]
909
tcp_rst_reply = y
910
tcp_rst_df = 1
911
tcp_rst_ip_id_1 = !0
912
tcp_rst_ip_id_2 = !0
913
tcp_rst_ip_id_strategy = I
914
tcp_rst_ttl = <64
915
}
916
917
fingerprint {
918
OS_ID = "Foundry Networks IronWare 07.6.01BT51"
919
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
920
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
921
#Date: 14 July 2003
922
#Modified: 14 July 2003
923
924
#Module A [ICMP ECHO Probe]
925
icmp_echo_reply = y
926
927
928
icmp_echo_code = !0
929
icmp_echo_ip_id = !0
930
icmp_echo_tos_bits = !0
931
icmp_echo_df_bit = 0
932
icmp_echo_reply_ttl = <64
933
934
#Module B [ICMP Timestamp Probe]
935
icmp_timestamp_reply = n
936
icmp_timestamp_reply_ttl = <64
937
icmp_timestamp_reply_ip_id = !0
938
939
#Module C [ICMP Address Mask Request Probe]
940
icmp_addrmask_reply = y
941
icmp_addrmask_reply_ttl = <64
942
icmp_addrmask_reply_ip_id = !0
943
944
#Module D [ICMP Information Request Probe]
945
icmp_info_reply = n
946
icmp_info_reply_ttl = <64
947
icmp_info_reply_ip_id = !0
948
949
#Module E [UDP -> ICMP Unreachable probe]
950
#IP_Header_of_the_UDP_Port_Unreachable_error_message
951
icmp_unreach_reply = y
952
icmp_unreach_echoed_dtsize = 8
953
icmp_unreach_reply_ttl = <64
954
icmp_unreach_precedence_bits = 0
955
icmp_unreach_df_bit = 0
956
icmp_unreach_ip_id = !0
957
958
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
959
icmp_unreach_echoed_udp_cksum = OK
960
icmp_unreach_echoed_ip_cksum = OK
961
icmp_unreach_echoed_ip_id = OK
962
icmp_unreach_echoed_total_len = OK
963
icmp_unreach_echoed_3bit_flags = OK
964
965
#Module F [TCP SYN | ACK Module]
966
#IP header of the TCP SYN ACK
967
tcp_syn_ack_tos = 0
968
tcp_syn_ack_df = 0
969
tcp_syn_ack_ip_id = !0
970
tcp_syn_ack_ttl = <64
971
972
#Information from the TCP header
973
tcp_syn_ack_ack = 1
974
tcp_syn_ack_window_size = 16384
975
tcp_syn_ack_options_order = "MSS"
976
tcp_syn_ack_wscale = NONE
977
tcp_syn_ack_tsval = NONE
978
tcp_syn_ack_tsecr = NONE
979
980
#Module G [TCP RST|ACK]
981
tcp_rst_reply = y
982
tcp_rst_df = 1
983
tcp_rst_ip_id_1 = !0
984
tcp_rst_ip_id_2 = !0
985
tcp_rst_ip_id_strategy = I
986
tcp_rst_ttl = <64
987
988
}
989
990
fingerprint {
991
OS_ID = "Foundry Networks IronWare 07.6.04aT51"
992
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
993
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
994
#Date: 12 February 2005
995
#Modified: -
996
997
#Module A [ICMP ECHO Probe]
998
icmp_echo_reply = y
999
1000
1001
icmp_echo_code = !0
1002
icmp_echo_ip_id = !0
1003
icmp_echo_tos_bits = !0
1004
icmp_echo_df_bit = 0
1005
icmp_echo_reply_ttl = <64
1006
1007
#Module B [ICMP Timestamp Probe]
1008
icmp_timestamp_reply = n
1009
icmp_timestamp_reply_ttl = <64
1010
icmp_timestamp_reply_ip_id = !0
1011
1012
#Module C [ICMP Address Mask Request Probe]
1013
icmp_addrmask_reply = y
1014
icmp_addrmask_reply_ttl = <64
1015
icmp_addrmask_reply_ip_id = !0
1016
1017
#Module D [ICMP Information Request Probe]
1018
icmp_info_reply = n
1019
icmp_info_reply_ttl = <64
1020
icmp_info_reply_ip_id = !0
1021
1022
#Module E [UDP -> ICMP Unreachable probe]
1023
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1024
icmp_unreach_reply = y
1025
icmp_unreach_echoed_dtsize = 8
1026
icmp_unreach_reply_ttl = <64
1027
icmp_unreach_precedence_bits = 0
1028
icmp_unreach_df_bit = 0
1029
icmp_unreach_ip_id = !0
1030
1031
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1032
icmp_unreach_echoed_udp_cksum = OK
1033
icmp_unreach_echoed_ip_cksum = OK
1034
icmp_unreach_echoed_ip_id = OK
1035
icmp_unreach_echoed_total_len = OK
1036
icmp_unreach_echoed_3bit_flags = OK
1037
1038
#Module F [TCP SYN | ACK Module]
1039
#IP header of the TCP SYN ACK
1040
tcp_syn_ack_tos = 0
1041
tcp_syn_ack_df = 0
1042
tcp_syn_ack_ip_id = !0
1043
tcp_syn_ack_ttl = <64
1044
1045
#Information from the TCP header
1046
tcp_syn_ack_ack = 1
1047
tcp_syn_ack_window_size = 16384
1048
tcp_syn_ack_options_order = "MSS"
1049
tcp_syn_ack_wscale = NONE
1050
tcp_syn_ack_tsval = NONE
1051
tcp_syn_ack_tsecr = NONE
1052
1053
#Module G [TCP RST|ACK]
1054
tcp_rst_reply = y
1055
tcp_rst_df = 1
1056
tcp_rst_ip_id_1 = !0
1057
tcp_rst_ip_id_2 = !0
1058
tcp_rst_ip_id_strategy = I
1059
tcp_rst_ttl = <64
1060
1061
}
1062
1063
fingerprint {
1064
OS_ID = "Foundry Networks IronWare 07.7.01eT53"
1065
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1066
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1067
#Date: 12 February 2005
1068
#Modified: -
1069
1070
#Module A [ICMP ECHO Probe]
1071
icmp_echo_reply = y
1072
1073
1074
icmp_echo_code = !0
1075
icmp_echo_ip_id = !0
1076
icmp_echo_tos_bits = !0
1077
icmp_echo_df_bit = 0
1078
icmp_echo_reply_ttl = <64
1079
1080
#Module B [ICMP Timestamp Probe]
1081
icmp_timestamp_reply = n
1082
icmp_timestamp_reply_ttl = <64
1083
icmp_timestamp_reply_ip_id = !0
1084
1085
#Module C [ICMP Address Mask Request Probe]
1086
icmp_addrmask_reply = y
1087
icmp_addrmask_reply_ttl = <64
1088
icmp_addrmask_reply_ip_id = !0
1089
1090
#Module D [ICMP Information Request Probe]
1091
icmp_info_reply = n
1092
icmp_info_reply_ttl = <64
1093
icmp_info_reply_ip_id = !0
1094
1095
#Module E [UDP -> ICMP Unreachable probe]
1096
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1097
icmp_unreach_reply = y
1098
icmp_unreach_echoed_dtsize = 8
1099
icmp_unreach_reply_ttl = <64
1100
icmp_unreach_precedence_bits = 0
1101
icmp_unreach_df_bit = 0
1102
icmp_unreach_ip_id = !0
1103
1104
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1105
icmp_unreach_echoed_udp_cksum = OK
1106
icmp_unreach_echoed_ip_cksum = OK
1107
icmp_unreach_echoed_ip_id = OK
1108
icmp_unreach_echoed_total_len = OK
1109
icmp_unreach_echoed_3bit_flags = OK
1110
1111
#Module F [TCP SYN | ACK Module]
1112
#IP header of the TCP SYN ACK
1113
tcp_syn_ack_tos = 0
1114
tcp_syn_ack_df = 0
1115
tcp_syn_ack_ip_id = !0
1116
tcp_syn_ack_ttl = <64
1117
1118
#Information from the TCP header
1119
tcp_syn_ack_ack = 1
1120
tcp_syn_ack_window_size = 16384
1121
tcp_syn_ack_options_order = "MSS"
1122
tcp_syn_ack_wscale = NONE
1123
tcp_syn_ack_tsval = NONE
1124
tcp_syn_ack_tsecr = NONE
1125
1126
#Module G [TCP RST|ACK]
1127
tcp_rst_reply = y
1128
tcp_rst_df = 1
1129
tcp_rst_ip_id_1 = !0
1130
tcp_rst_ip_id_2 = !0
1131
tcp_rst_ip_id_strategy = I
1132
tcp_rst_ttl = <64
1133
}
1134
1135
#FreeBSD
1136
1137
fingerprint {
1138
OS_ID = "FreeBSD 5.3"
1139
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1140
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1141
#Date: 13 December 2004
1142
#Modified: -
1143
1144
#Module A [ICMP ECHO Probe]
1145
icmp_echo_reply = y
1146
1147
1148
icmp_echo_code = !0
1149
icmp_echo_ip_id = !0
1150
icmp_echo_tos_bits = !0
1151
icmp_echo_df_bit = 1
1152
icmp_echo_reply_ttl = <64
1153
1154
#Module B [ICMP Timestamp Probe]
1155
icmp_timestamp_reply = y
1156
icmp_timestamp_reply_ttl = <64
1157
icmp_timestamp_reply_ip_id = !0
1158
1159
#Module C [ICMP Address Mask Request Probe]
1160
icmp_addrmask_reply = n
1161
icmp_addrmask_reply_ttl = <64
1162
icmp_addrmask_reply_ip_id = !0
1163
1164
#Module D [ICMP Information Request Probe]
1165
icmp_info_reply = n
1166
icmp_info_reply_ttl = <64
1167
icmp_info_reply_ip_id = !0
1168
1169
#Module E [UDP -> ICMP Unreachable probe]
1170
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1171
icmp_unreach_reply = y
1172
icmp_unreach_echoed_dtsize = 8
1173
icmp_unreach_reply_ttl = <64
1174
icmp_unreach_precedence_bits = 0
1175
icmp_unreach_df_bit = 1
1176
icmp_unreach_ip_id = !0
1177
1178
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1179
icmp_unreach_echoed_udp_cksum = 0
1180
icmp_unreach_echoed_ip_cksum = OK
1181
icmp_unreach_echoed_ip_id = OK
1182
icmp_unreach_echoed_total_len = OK
1183
icmp_unreach_echoed_3bit_flags = OK
1184
1185
#Module F [TCP SYN | ACK Module]
1186
#IP header of the TCP SYN | ACK
1187
tcp_syn_ack_tos = 0
1188
tcp_syn_ack_df = 1
1189
tcp_syn_ack_ip_id = !0
1190
tcp_syn_ack_ttl = <64
1191
1192
#Information from the TCP header
1193
tcp_syn_ack_ack = 1
1194
tcp_syn_ack_window_size = 65535
1195
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
1196
tcp_syn_ack_wscale = 1
1197
tcp_syn_ack_tsval = !0
1198
tcp_syn_ack_tsecr = !0
1199
1200
#Module G [TCP RST|ACK]
1201
tcp_rst_reply = y
1202
tcp_rst_df = 1
1203
tcp_rst_ip_id_1 = !0
1204
tcp_rst_ip_id_2 = !0
1205
tcp_rst_ip_id_strategy = I
1206
tcp_rst_ttl = <64
1207
}
1208
1209
fingerprint {
1210
OS_ID = "FreeBSD 5.3 (RFC1323 extensions off, net.inet.tcp.rfc1323=0)"
1211
#Entry inserted to the database by: Meder Kydyraliev (meder@o0o.nu)
1212
#Entry contributed by: Meder Kydyraliev (meder@o0o.nu)
1213
#Date:
1214
#Modified:
1215
icmp_addrmask_reply = n
1216
icmp_addrmask_reply_ip_id = !0
1217
icmp_addrmask_reply_ttl = <255
1218
icmp_echo_code = !0
1219
icmp_echo_df_bit = 1
1220
icmp_echo_ip_id = !0
1221
icmp_echo_reply = y
1222
icmp_echo_reply_ttl = <64
1223
icmp_echo_tos_bits = !0
1224
icmp_timestamp_reply = y
1225
icmp_timestamp_reply_ip_id = !0
1226
icmp_timestamp_reply_ttl = <64
1227
icmp_unreach_df_bit = 1
1228
icmp_unreach_echoed_3bit_flags = OK
1229
icmp_unreach_echoed_dtsize = 8
1230
icmp_unreach_echoed_ip_cksum = OK
1231
icmp_unreach_echoed_ip_id = OK
1232
icmp_unreach_echoed_total_len = OK
1233
icmp_unreach_echoed_udp_cksum = 0
1234
icmp_unreach_ip_id = !0
1235
icmp_unreach_precedence_bits = 0
1236
icmp_unreach_reply = y
1237
icmp_unreach_reply_ttl = <64
1238
tcp_rst_df = 1
1239
tcp_rst_ip_id_1 = !0
1240
tcp_rst_ip_id_2 = !0
1241
tcp_rst_ip_id_strategy = I
1242
tcp_rst_reply = y
1243
tcp_rst_ttl = <64
1244
tcp_syn_ack_ack = 1
1245
tcp_syn_ack_df = 1
1246
tcp_syn_ack_ip_id = !0
1247
tcp_syn_ack_options_order = MSS NOP NOP SACK
1248
tcp_syn_ack_tos = 0
1249
tcp_syn_ack_tsecr = NONE
1250
tcp_syn_ack_tsval = NONE
1251
tcp_syn_ack_ttl = <64
1252
tcp_syn_ack_window_size = 65535
1253
tcp_syn_ack_wscale = NONE
1254
}
1255
1256
fingerprint {
1257
OS_ID = "FreeBSD 5.2.1"
1258
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1259
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1260
#Date: 13 December 2004
1261
#Modified: -
1262
1263
#Module A [ICMP ECHO Probe]
1264
icmp_echo_reply = y
1265
1266
1267
icmp_echo_code = !0
1268
icmp_echo_ip_id = !0
1269
icmp_echo_tos_bits = !0
1270
icmp_echo_df_bit = 1
1271
icmp_echo_reply_ttl = <64
1272
1273
#Module B [ICMP Timestamp Probe]
1274
icmp_timestamp_reply = y
1275
icmp_timestamp_reply_ttl = <64
1276
icmp_timestamp_reply_ip_id = !0
1277
1278
#Module C [ICMP Address Mask Request Probe]
1279
icmp_addrmask_reply = n
1280
icmp_addrmask_reply_ttl = <64
1281
icmp_addrmask_reply_ip_id = !0
1282
1283
#Module D [ICMP Information Request Probe]
1284
icmp_info_reply = n
1285
icmp_info_reply_ttl = <64
1286
icmp_info_reply_ip_id = !0
1287
1288
#Module E [UDP -> ICMP Unreachable probe]
1289
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1290
icmp_unreach_reply = y
1291
icmp_unreach_echoed_dtsize = 8
1292
icmp_unreach_reply_ttl = <64
1293
icmp_unreach_precedence_bits = 0
1294
icmp_unreach_df_bit = 1
1295
icmp_unreach_ip_id = !0
1296
1297
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1298
icmp_unreach_echoed_udp_cksum = 0
1299
icmp_unreach_echoed_ip_cksum = OK
1300
icmp_unreach_echoed_ip_id = OK
1301
icmp_unreach_echoed_total_len = OK
1302
icmp_unreach_echoed_3bit_flags = OK
1303
1304
#Module F [TCP SYN | ACK Module]
1305
#IP header of the TCP SYN | ACK
1306
tcp_syn_ack_tos = 0
1307
tcp_syn_ack_df = 1
1308
tcp_syn_ack_ip_id = !0
1309
tcp_syn_ack_ttl = <64
1310
1311
#Information from the TCP header
1312
tcp_syn_ack_ack = 1
1313
tcp_syn_ack_window_size = 65535
1314
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1315
tcp_syn_ack_wscale = 1
1316
tcp_syn_ack_tsval = !0
1317
tcp_syn_ack_tsecr = !0
1318
1319
#Module G [TCP RST|ACK]
1320
tcp_rst_reply = y
1321
tcp_rst_df = 1
1322
tcp_rst_ip_id_1 = !0
1323
tcp_rst_ip_id_2 = !0
1324
tcp_rst_ip_id_strategy = I
1325
tcp_rst_ttl = <64
1326
}
1327
1328
fingerprint {
1329
OS_ID = "FreeBSD 5.2"
1330
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1331
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1332
#Date: 13 December 2004
1333
#Modified: -
1334
1335
#Module A [ICMP ECHO Probe]
1336
icmp_echo_reply = y
1337
1338
1339
icmp_echo_code = !0
1340
icmp_echo_ip_id = !0
1341
icmp_echo_tos_bits = !0
1342
icmp_echo_df_bit = 1
1343
icmp_echo_reply_ttl = <64
1344
1345
#Module B [ICMP Timestamp Probe]
1346
icmp_timestamp_reply = y
1347
icmp_timestamp_reply_ttl = <64
1348
icmp_timestamp_reply_ip_id = !0
1349
1350
#Module C [ICMP Address Mask Request Probe]
1351
icmp_addrmask_reply = n
1352
icmp_addrmask_reply_ttl = <64
1353
icmp_addrmask_reply_ip_id = !0
1354
1355
#Module D [ICMP Information Request Probe]
1356
icmp_info_reply = n
1357
icmp_info_reply_ttl = <64
1358
icmp_info_reply_ip_id = !0
1359
1360
#Module E [UDP -> ICMP Unreachable probe]
1361
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1362
icmp_unreach_reply = y
1363
icmp_unreach_echoed_dtsize = 8
1364
icmp_unreach_reply_ttl = <64
1365
icmp_unreach_precedence_bits = 0
1366
icmp_unreach_df_bit = 1
1367
icmp_unreach_ip_id = !0
1368
1369
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1370
icmp_unreach_echoed_udp_cksum = 0
1371
icmp_unreach_echoed_ip_cksum = OK
1372
icmp_unreach_echoed_ip_id = OK
1373
icmp_unreach_echoed_total_len = OK
1374
icmp_unreach_echoed_3bit_flags = OK
1375
1376
#Module F [TCP SYN | ACK Module]
1377
#IP header of the TCP SYN | ACK
1378
tcp_syn_ack_tos = 0
1379
tcp_syn_ack_df = 1
1380
tcp_syn_ack_ip_id = !0
1381
tcp_syn_ack_ttl = <64
1382
1383
#Information from the TCP header
1384
tcp_syn_ack_ack = 1
1385
tcp_syn_ack_window_size = 65535
1386
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1387
tcp_syn_ack_wscale = 1
1388
tcp_syn_ack_tsval = !0
1389
tcp_syn_ack_tsecr = !0
1390
1391
#Module G [TCP RST|ACK]
1392
tcp_rst_reply = y
1393
tcp_rst_df = 1
1394
tcp_rst_ip_id_1 = !0
1395
tcp_rst_ip_id_2 = !0
1396
tcp_rst_ip_id_strategy = I
1397
tcp_rst_ttl = <64
1398
}
1399
1400
fingerprint {
1401
OS_ID = "FreeBSD 5.1"
1402
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1403
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1404
#Date: 25 June 2003
1405
#Modified: 25 June 2003
1406
1407
#Module A [ICMP ECHO Probe]
1408
icmp_echo_reply = y
1409
1410
1411
icmp_echo_code = !0
1412
icmp_echo_ip_id = !0
1413
icmp_echo_tos_bits = !0
1414
icmp_echo_df_bit = 1
1415
icmp_echo_reply_ttl = <64
1416
1417
#Module B [ICMP Timestamp Probe]
1418
icmp_timestamp_reply = y
1419
icmp_timestamp_reply_ttl = <64
1420
icmp_timestamp_reply_ip_id = !0
1421
1422
#Module C [ICMP Address Mask Request Probe]
1423
icmp_addrmask_reply = n
1424
icmp_addrmask_reply_ttl = <64
1425
icmp_addrmask_reply_ip_id = !0
1426
1427
#Module D [ICMP Information Request Probe]
1428
icmp_info_reply = n
1429
icmp_info_reply_ttl = <64
1430
icmp_info_reply_ip_id = !0
1431
1432
#Module E [UDP -> ICMP Unreachable probe]
1433
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1434
icmp_unreach_reply = y
1435
icmp_unreach_echoed_dtsize = 8
1436
icmp_unreach_reply_ttl = <64
1437
icmp_unreach_precedence_bits = 0
1438
icmp_unreach_df_bit = 1
1439
icmp_unreach_ip_id = !0
1440
1441
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1442
icmp_unreach_echoed_udp_cksum = 0
1443
icmp_unreach_echoed_ip_cksum = OK
1444
icmp_unreach_echoed_ip_id = OK
1445
icmp_unreach_echoed_total_len = OK
1446
icmp_unreach_echoed_3bit_flags = OK
1447
1448
#Module F [TCP SYN | ACK Module]
1449
#IP header of the TCP SYN | ACK
1450
tcp_syn_ack_tos = 0
1451
tcp_syn_ack_df = 1
1452
tcp_syn_ack_ip_id = !0
1453
tcp_syn_ack_ttl = <64
1454
1455
#Information from the TCP header
1456
tcp_syn_ack_ack = 1
1457
tcp_syn_ack_window_size = 65535
1458
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1459
tcp_syn_ack_wscale = 1
1460
tcp_syn_ack_tsval = !0
1461
tcp_syn_ack_tsecr = !0
1462
1463
#Module G [TCP RST|ACK]
1464
tcp_rst_reply = y
1465
tcp_rst_df = 0
1466
tcp_rst_ip_id_1 = !0
1467
tcp_rst_ip_id_2 = !0
1468
tcp_rst_ip_id_strategy = I
1469
tcp_rst_ttl = <64
1470
}
1471
1472
fingerprint {
1473
OS_ID = "FreeBSD 5.0"
1474
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1475
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1476
#Date: 5 April 2003
1477
#Modified: 29 June 2003
1478
1479
#Module A
1480
icmp_echo_reply = y
1481
1482
1483
icmp_echo_code = !0
1484
icmp_echo_ip_id = !0
1485
icmp_echo_tos_bits = !0
1486
icmp_echo_df_bit = 1
1487
icmp_echo_reply_ttl = <64
1488
1489
#Module B
1490
icmp_timestamp_reply = y
1491
icmp_timestamp_reply_ttl = <64
1492
icmp_timestamp_reply_ip_id = !0
1493
1494
#Module C
1495
icmp_addrmask_reply = n
1496
icmp_addrmask_reply_ttl = <64
1497
icmp_addrmask_reply_ip_id = !0
1498
1499
#Module D
1500
icmp_info_reply = n
1501
icmp_info_reply_ttl = <64
1502
icmp_info_reply_ip_id = !0
1503
1504
#Module E
1505
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1506
icmp_unreach_reply = y
1507
icmp_unreach_echoed_dtsize = 8
1508
icmp_unreach_reply_ttl = <64
1509
icmp_unreach_precedence_bits = 0
1510
icmp_unreach_df_bit = 1
1511
icmp_unreach_ip_id = !0
1512
1513
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1514
icmp_unreach_echoed_udp_cksum = 0
1515
icmp_unreach_echoed_ip_cksum = OK
1516
icmp_unreach_echoed_ip_id = OK
1517
icmp_unreach_echoed_total_len = OK
1518
icmp_unreach_echoed_3bit_flags = OK
1519
1520
#Module F [TCP SYN | ACK Module]
1521
#IP header of the TCP SYN | ACK
1522
tcp_syn_ack_tos = 0
1523
tcp_syn_ack_df = 1
1524
tcp_syn_ack_ip_id = !0
1525
tcp_syn_ack_ttl = <64
1526
1527
#Information from the TCP header
1528
tcp_syn_ack_ack = 1
1529
tcp_syn_ack_window_size = 65535
1530
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1531
tcp_syn_ack_wscale = 1
1532
tcp_syn_ack_tsval = !0
1533
tcp_syn_ack_tsecr = !0
1534
1535
#Module G [TCP RST|ACK]
1536
tcp_rst_reply = y
1537
tcp_rst_df = 0
1538
tcp_rst_ip_id_1 = !0
1539
tcp_rst_ip_id_2 = !0
1540
tcp_rst_ip_id_strategy = I
1541
tcp_rst_ttl = <64
1542
}
1543
1544
1545
fingerprint {
1546
OS_ID = "FreeBSD 4.10"
1547
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1548
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1549
#Date: 13 December 2004
1550
#Modified:
1551
1552
#Module A
1553
icmp_echo_reply = y
1554
1555
1556
icmp_echo_code = !0
1557
icmp_echo_ip_id = !0
1558
icmp_echo_tos_bits = !0
1559
icmp_echo_df_bit = 1
1560
icmp_echo_reply_ttl = <64
1561
1562
#Module B
1563
icmp_timestamp_reply = y
1564
icmp_timestamp_reply_ttl = <64
1565
icmp_timestamp_reply_ip_id = !0
1566
1567
#Module C
1568
icmp_addrmask_reply = n
1569
icmp_addrmask_reply_ttl = <64
1570
icmp_addrmask_reply_ip_id = !0
1571
1572
#Module D
1573
icmp_info_reply = n
1574
icmp_info_reply_ttl = <64
1575
icmp_info_reply_ip_id = !0
1576
1577
#Module E
1578
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1579
icmp_unreach_reply = y
1580
icmp_unreach_echoed_dtsize = 8
1581
icmp_unreach_reply_ttl = <64
1582
icmp_unreach_precedence_bits = 0
1583
icmp_unreach_df_bit = 1
1584
icmp_unreach_ip_id = !0
1585
1586
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1587
icmp_unreach_echoed_udp_cksum = 0
1588
icmp_unreach_echoed_ip_cksum = OK
1589
icmp_unreach_echoed_ip_id = OK
1590
icmp_unreach_echoed_total_len = OK
1591
icmp_unreach_echoed_3bit_flags = OK
1592
1593
#Module F [TCP SYN | ACK Module]
1594
#IP header of the TCP SYN | ACK
1595
tcp_syn_ack_tos = 0
1596
tcp_syn_ack_df = 1
1597
tcp_syn_ack_ip_id = !0
1598
tcp_syn_ack_ttl = <64
1599
1600
#Information from the TCP header
1601
tcp_syn_ack_ack = 1
1602
tcp_syn_ack_window_size = 57344
1603
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1604
tcp_syn_ack_wscale = 0
1605
tcp_syn_ack_tsval = !0
1606
tcp_syn_ack_tsecr = !0
1607
1608
#Module G [TCP RST|ACK]
1609
tcp_rst_reply = y
1610
tcp_rst_df = 0
1611
tcp_rst_ip_id_1 = !0
1612
tcp_rst_ip_id_2 = !0
1613
tcp_rst_ip_id_strategy = I
1614
tcp_rst_ttl = <64
1615
}
1616
1617
fingerprint {
1618
OS_ID = "FreeBSD 4.9"
1619
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1620
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1621
#Date: 13 December 2004
1622
#Modified:
1623
1624
#Module A
1625
icmp_echo_reply = y
1626
1627
1628
icmp_echo_code = !0
1629
icmp_echo_ip_id = !0
1630
icmp_echo_tos_bits = !0
1631
icmp_echo_df_bit = 1
1632
icmp_echo_reply_ttl = <64
1633
1634
#Module B
1635
icmp_timestamp_reply = y
1636
icmp_timestamp_reply_ttl = <64
1637
icmp_timestamp_reply_ip_id = !0
1638
1639
#Module C
1640
icmp_addrmask_reply = n
1641
icmp_addrmask_reply_ttl = <64
1642
icmp_addrmask_reply_ip_id = !0
1643
1644
#Module D
1645
icmp_info_reply = n
1646
icmp_info_reply_ttl = <64
1647
icmp_info_reply_ip_id = !0
1648
1649
#Module E
1650
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1651
icmp_unreach_reply = y
1652
icmp_unreach_echoed_dtsize = 8
1653
icmp_unreach_reply_ttl = <64
1654
icmp_unreach_precedence_bits = 0
1655
icmp_unreach_df_bit = 1
1656
icmp_unreach_ip_id = !0
1657
1658
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1659
icmp_unreach_echoed_udp_cksum = 0
1660
icmp_unreach_echoed_ip_cksum = OK
1661
icmp_unreach_echoed_ip_id = OK
1662
icmp_unreach_echoed_total_len = OK
1663
icmp_unreach_echoed_3bit_flags = OK
1664
1665
#Module F [TCP SYN | ACK Module]
1666
#IP header of the TCP SYN | ACK
1667
tcp_syn_ack_tos = 0
1668
tcp_syn_ack_df = 1
1669
tcp_syn_ack_ip_id = !0
1670
tcp_syn_ack_ttl = <64
1671
1672
#Information from the TCP header
1673
tcp_syn_ack_ack = 1
1674
tcp_syn_ack_window_size = 57344
1675
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1676
tcp_syn_ack_wscale = 0
1677
tcp_syn_ack_tsval = !0
1678
tcp_syn_ack_tsecr = !0
1679
1680
#Module G [TCP RST|ACK]
1681
tcp_rst_reply = y
1682
tcp_rst_df = 0
1683
tcp_rst_ip_id_1 = !0
1684
tcp_rst_ip_id_2 = !0
1685
tcp_rst_ip_id_strategy = I
1686
tcp_rst_ttl = <64
1687
1688
}
1689
1690
fingerprint {
1691
OS_ID = "FreeBSD 4.8"
1692
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1693
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1694
#Date: 5 April 2003
1695
#Modified: 29 June 2003
1696
1697
#Module A
1698
icmp_echo_reply = y
1699
1700
1701
icmp_echo_code = !0
1702
icmp_echo_ip_id = !0
1703
icmp_echo_tos_bits = !0
1704
icmp_echo_df_bit = 1
1705
icmp_echo_reply_ttl = <64
1706
1707
#Module B
1708
icmp_timestamp_reply = y
1709
icmp_timestamp_reply_ttl = <64
1710
icmp_timestamp_reply_ip_id = !0
1711
1712
#Module C
1713
icmp_addrmask_reply = n
1714
icmp_addrmask_reply_ttl = <64
1715
icmp_addrmask_reply_ip_id = !0
1716
1717
#Module D
1718
icmp_info_reply = n
1719
icmp_info_reply_ttl = <64
1720
icmp_info_reply_ip_id = !0
1721
1722
#Module E
1723
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1724
icmp_unreach_reply = y
1725
icmp_unreach_echoed_dtsize = 8
1726
icmp_unreach_reply_ttl = <64
1727
icmp_unreach_precedence_bits = 0
1728
icmp_unreach_df_bit = 1
1729
icmp_unreach_ip_id = !0
1730
1731
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1732
icmp_unreach_echoed_udp_cksum = 0
1733
icmp_unreach_echoed_ip_cksum = OK
1734
icmp_unreach_echoed_ip_id = OK
1735
icmp_unreach_echoed_total_len = OK
1736
icmp_unreach_echoed_3bit_flags = OK
1737
1738
#Module F [TCP SYN | ACK Module]
1739
#IP header of the TCP SYN | ACK
1740
tcp_syn_ack_tos = 0
1741
tcp_syn_ack_df = 1
1742
tcp_syn_ack_ip_id = !0
1743
tcp_syn_ack_ttl = <64
1744
1745
#Information from the TCP header
1746
tcp_syn_ack_ack = 1
1747
tcp_syn_ack_window_size = 57344
1748
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1749
tcp_syn_ack_wscale = 0
1750
tcp_syn_ack_tsval = !0
1751
tcp_syn_ack_tsecr = !0
1752
1753
#Module G [TCP RST|ACK]
1754
tcp_rst_reply = y
1755
tcp_rst_df = 0
1756
tcp_rst_ip_id_1 = !0
1757
tcp_rst_ip_id_2 = !0
1758
tcp_rst_ip_id_strategy = I
1759
tcp_rst_ttl = <64
1760
}
1761
1762
fingerprint {
1763
OS_ID = "FreeBSD 4.7"
1764
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1765
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1766
#Date: 5 April 2003
1767
#Modified: 29 June 2003
1768
1769
#Module A
1770
icmp_echo_reply = y
1771
1772
1773
icmp_echo_code = !0
1774
icmp_echo_ip_id = !0
1775
icmp_echo_tos_bits = !0
1776
icmp_echo_df_bit = 1
1777
icmp_echo_reply_ttl = <64
1778
1779
#Module B
1780
icmp_timestamp_reply = y
1781
icmp_timestamp_reply_ttl = <64
1782
icmp_timestamp_reply_ip_id = !0
1783
1784
#Module C
1785
icmp_addrmask_reply = n
1786
icmp_addrmask_reply_ttl = <64
1787
icmp_addrmask_reply_ip_id = !0
1788
1789
#Module D
1790
icmp_info_reply = n
1791
icmp_info_reply_ttl = <64
1792
icmp_info_reply_ip_id = !0
1793
1794
#Module E
1795
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1796
icmp_unreach_reply = y
1797
icmp_unreach_echoed_dtsize = 8
1798
icmp_unreach_reply_ttl = <64
1799
icmp_unreach_precedence_bits = 0
1800
icmp_unreach_df_bit = 1
1801
icmp_unreach_ip_id = !0
1802
1803
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1804
icmp_unreach_echoed_udp_cksum = 0
1805
icmp_unreach_echoed_ip_cksum = OK
1806
icmp_unreach_echoed_ip_id = OK
1807
icmp_unreach_echoed_total_len = OK
1808
icmp_unreach_echoed_3bit_flags = OK
1809
1810
#Module F [TCP SYN | ACK Module]
1811
#IP header of the TCP SYN | ACK
1812
tcp_syn_ack_tos = 0
1813
tcp_syn_ack_df = 1
1814
tcp_syn_ack_ip_id = !0
1815
tcp_syn_ack_ttl = <64
1816
1817
#Information from the TCP header
1818
tcp_syn_ack_ack = 1
1819
tcp_syn_ack_window_size = 57344
1820
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1821
tcp_syn_ack_wscale = 0
1822
tcp_syn_ack_tsval = !0
1823
tcp_syn_ack_tsecr = !0
1824
1825
#Module G [TCP RST|ACK]
1826
tcp_rst_reply = y
1827
tcp_rst_df = 0
1828
tcp_rst_ip_id_1 = !0
1829
tcp_rst_ip_id_2 = !0
1830
tcp_rst_ip_id_strategy = I
1831
tcp_rst_ttl = <64
1832
}
1833
1834
1835
1836
fingerprint {
1837
OS_ID = "FreeBSD 4.6.2"
1838
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1839
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1840
#Date: 25 June 2003
1841
#Modified: 25 June 2003
1842
1843
#Module A [ICMP ECHO Probe]
1844
icmp_echo_reply = y
1845
1846
1847
icmp_echo_code = !0
1848
icmp_echo_ip_id = !0
1849
icmp_echo_tos_bits = !0
1850
icmp_echo_df_bit = 1
1851
icmp_echo_reply_ttl = <64
1852
1853
#Module B [ICMP Timestamp Probe]
1854
icmp_timestamp_reply = y
1855
icmp_timestamp_reply_ttl = <64
1856
icmp_timestamp_reply_ip_id = !0
1857
1858
#Module C [ICMP Address Mask Request Probe]
1859
icmp_addrmask_reply = n
1860
icmp_addrmask_reply_ttl = <64
1861
icmp_addrmask_reply_ip_id = !0
1862
1863
#Module D [ICMP Information Request Probe]
1864
icmp_info_reply = n
1865
icmp_info_reply_ttl = <64
1866
icmp_info_reply_ip_id = !0
1867
1868
#Module E [UDP -> ICMP Unreachable probe]
1869
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1870
icmp_unreach_reply = y
1871
icmp_unreach_echoed_dtsize = 8
1872
icmp_unreach_reply_ttl = <64
1873
icmp_unreach_precedence_bits = 0
1874
icmp_unreach_df_bit = 1
1875
icmp_unreach_ip_id = !0
1876
1877
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1878
icmp_unreach_echoed_udp_cksum = 0
1879
icmp_unreach_echoed_ip_cksum = OK
1880
icmp_unreach_echoed_ip_id = OK
1881
icmp_unreach_echoed_total_len = OK
1882
icmp_unreach_echoed_3bit_flags = OK
1883
1884
#Module F [TCP SYN | ACK Module]
1885
#IP header of the TCP SYN | ACK
1886
tcp_syn_ack_tos = 0
1887
tcp_syn_ack_df = 0
1888
tcp_syn_ack_ip_id = !0
1889
tcp_syn_ack_ttl = <64
1890
1891
#Information from the TCP header
1892
tcp_syn_ack_ack = 1
1893
tcp_syn_ack_window_size = 57344
1894
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1895
tcp_syn_ack_wscale = 0
1896
tcp_syn_ack_tsval = !0
1897
tcp_syn_ack_tsecr = !0
1898
1899
#Module G [TCP RST|ACK]
1900
tcp_rst_reply = y
1901
tcp_rst_df = 0
1902
tcp_rst_ip_id_1 = !0
1903
tcp_rst_ip_id_2 = !0
1904
tcp_rst_ip_id_strategy = I
1905
tcp_rst_ttl = <64
1906
}
1907
1908
1909
fingerprint {
1910
OS_ID = "FreeBSD 4.6"
1911
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1912
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1913
#Date: 11 August 2002
1914
#Modified: 20 March 2003
1915
1916
#Module A
1917
icmp_echo_reply = y
1918
1919
1920
icmp_echo_code = !0
1921
icmp_echo_ip_id = !0
1922
icmp_echo_tos_bits = !0
1923
icmp_echo_df_bit = 1
1924
icmp_echo_reply_ttl = <64
1925
1926
#Module B
1927
icmp_timestamp_reply = y
1928
icmp_timestamp_reply_ttl = <64
1929
icmp_timestamp_reply_ip_id = !0
1930
1931
#Module C
1932
icmp_addrmask_reply = n
1933
icmp_addrmask_reply_ttl = <64
1934
icmp_addrmask_reply_ip_id = !0
1935
1936
#Module D
1937
icmp_info_reply = n
1938
icmp_info_reply_ttl = <64
1939
icmp_info_reply_ip_id = !0
1940
1941
#Module E
1942
#IP_Header_of_the_UDP_Port_Unreachable_error_message
1943
icmp_unreach_reply = y
1944
icmp_unreach_echoed_dtsize = 8
1945
icmp_unreach_reply_ttl = <64
1946
icmp_unreach_precedence_bits = 0
1947
icmp_unreach_df_bit = 1
1948
icmp_unreach_ip_id = !0
1949
1950
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
1951
icmp_unreach_echoed_udp_cksum = 0
1952
icmp_unreach_echoed_ip_cksum = OK
1953
icmp_unreach_echoed_ip_id = OK
1954
icmp_unreach_echoed_total_len = OK
1955
icmp_unreach_echoed_3bit_flags = OK
1956
1957
#Module F [TCP SYN | ACK Module]
1958
#IP header of the TCP SYN | ACK
1959
tcp_syn_ack_tos = 0
1960
tcp_syn_ack_df = 0
1961
tcp_syn_ack_ip_id = !0
1962
tcp_syn_ack_ttl = <64
1963
1964
#Information from the TCP header
1965
tcp_syn_ack_ack = 1
1966
tcp_syn_ack_window_size = 57344
1967
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
1968
tcp_syn_ack_wscale = 0
1969
tcp_syn_ack_tsval = !0
1970
tcp_syn_ack_tsecr = !0
1971
1972
#Module G [TCP RST|ACK]
1973
tcp_rst_reply = y
1974
tcp_rst_df = 0
1975
tcp_rst_ip_id_1 = !0
1976
tcp_rst_ip_id_2 = !0
1977
tcp_rst_ip_id_strategy = I
1978
tcp_rst_ttl = <64
1979
}
1980
1981
1982
fingerprint {
1983
OS_ID = "FreeBSD 4.5"
1984
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
1985
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
1986
#Date: 29 July 2002
1987
#Modified: 20 March 2003
1988
1989
#Module A
1990
icmp_echo_reply = y
1991
1992
1993
icmp_echo_code = !0
1994
icmp_echo_ip_id = !0
1995
icmp_echo_tos_bits = !0
1996
icmp_echo_df_bit = 1
1997
icmp_echo_reply_ttl = <64
1998
1999
#Module B
2000
icmp_timestamp_reply = y
2001
icmp_timestamp_reply_ttl = <64
2002
icmp_timestamp_reply_ip_id = !0
2003
2004
#Module C
2005
icmp_addrmask_reply = n
2006
icmp_addrmask_reply_ttl = <64
2007
icmp_addrmask_reply_ip_id = !0
2008
2009
#Module D
2010
icmp_info_reply = n
2011
icmp_info_reply_ttl = <64
2012
icmp_info_reply_ip_id = !0
2013
2014
#Module E
2015
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2016
icmp_unreach_reply = y
2017
icmp_unreach_echoed_dtsize = 8
2018
icmp_unreach_reply_ttl = <64
2019
icmp_unreach_precedence_bits = 0
2020
icmp_unreach_df_bit = 1
2021
icmp_unreach_ip_id = !0
2022
2023
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2024
icmp_unreach_echoed_udp_cksum = 0
2025
icmp_unreach_echoed_ip_cksum = OK
2026
icmp_unreach_echoed_ip_id = OK
2027
icmp_unreach_echoed_total_len = OK
2028
icmp_unreach_echoed_3bit_flags = OK
2029
2030
#Module F [TCP SYN | ACK Module]
2031
#IP header of the TCP SYN | ACK
2032
tcp_syn_ack_tos = 0
2033
tcp_syn_ack_df = 0
2034
tcp_syn_ack_ip_id = !0
2035
tcp_syn_ack_ttl = <64
2036
2037
#Information from the TCP header
2038
tcp_syn_ack_ack = 1
2039
tcp_syn_ack_window_size = 65535
2040
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
2041
tcp_syn_ack_wscale = 1
2042
tcp_syn_ack_tsval = !0
2043
tcp_syn_ack_tsecr = !0
2044
2045
#Module G [TCP RST|ACK]
2046
tcp_rst_reply = y
2047
tcp_rst_df = 0
2048
tcp_rst_ip_id_1 = !0
2049
tcp_rst_ip_id_2 = !0
2050
tcp_rst_ip_id_strategy = I
2051
tcp_rst_ttl = <64
2052
}
2053
2054
fingerprint {
2055
OS_ID = "FreeBSD 4.4"
2056
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2057
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2058
#Date: 11 August 2002
2059
#Modified: 20 March 2003
2060
2061
#Module A
2062
icmp_echo_reply = y
2063
2064
2065
icmp_echo_code = !0
2066
icmp_echo_ip_id = !0
2067
icmp_echo_tos_bits = !0
2068
icmp_echo_df_bit = 1
2069
icmp_echo_reply_ttl = <64
2070
2071
#Module B
2072
icmp_timestamp_reply = y
2073
icmp_timestamp_reply_ttl = <64
2074
icmp_timestamp_reply_ip_id = !0
2075
2076
#Module C
2077
icmp_addrmask_reply = n
2078
icmp_addrmask_reply_ttl = <64
2079
icmp_addrmask_reply_ip_id = !0
2080
2081
#Module D
2082
icmp_info_reply = n
2083
icmp_info_reply_ttl = <64
2084
icmp_info_reply_ip_id = !0
2085
2086
#Module E
2087
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2088
icmp_unreach_reply = y
2089
icmp_unreach_echoed_dtsize = 8
2090
icmp_unreach_reply_ttl = <64
2091
icmp_unreach_precedence_bits = 0
2092
icmp_unreach_df_bit = 1
2093
icmp_unreach_ip_id = !0
2094
2095
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2096
icmp_unreach_echoed_udp_cksum = 0
2097
icmp_unreach_echoed_ip_cksum = OK
2098
icmp_unreach_echoed_ip_id = OK
2099
icmp_unreach_echoed_total_len = OK
2100
icmp_unreach_echoed_3bit_flags = OK
2101
2102
#Module F [TCP SYN | ACK Module]
2103
#IP header of the TCP SYN | ACK
2104
tcp_syn_ack_tos = 0
2105
tcp_syn_ack_df = 1
2106
tcp_syn_ack_ip_id = !0
2107
tcp_syn_ack_ttl = <64
2108
2109
#Information from the TCP header
2110
tcp_syn_ack_ack = 1
2111
tcp_syn_ack_window_size = 17376
2112
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
2113
tcp_syn_ack_wscale = 0
2114
tcp_syn_ack_tsval = !0
2115
tcp_syn_ack_tsecr = !0
2116
2117
#Module G [TCP RST|ACK]
2118
tcp_rst_reply = y
2119
tcp_rst_df = 0
2120
tcp_rst_ip_id_1 = !0
2121
tcp_rst_ip_id_2 = !0
2122
tcp_rst_ip_id_strategy = I
2123
tcp_rst_ttl = <64
2124
}
2125
2126
fingerprint {
2127
OS_ID = "FreeBSD 4.3"
2128
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2129
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2130
#Date: 11 August 2002
2131
#Modified: 30 June 2003
2132
2133
#Module A
2134
icmp_echo_reply = y
2135
2136
2137
icmp_echo_code = !0
2138
icmp_echo_ip_id = !0
2139
icmp_echo_tos_bits = !0
2140
icmp_echo_df_bit = 1
2141
icmp_echo_reply_ttl = <255
2142
2143
#Module B
2144
icmp_timestamp_reply = y
2145
icmp_timestamp_reply_ttl = <255
2146
icmp_timestamp_reply_ip_id = !0
2147
2148
#Module C
2149
icmp_addrmask_reply = n
2150
icmp_addrmask_reply_ttl = <255
2151
icmp_addrmask_reply_ip_id = !0
2152
2153
#Module D
2154
icmp_info_reply = n
2155
icmp_info_reply_ttl = <255
2156
icmp_info_reply_ip_id = !0
2157
2158
#Module E
2159
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2160
icmp_unreach_reply = y
2161
icmp_unreach_echoed_dtsize = 8
2162
icmp_unreach_reply_ttl = <255
2163
icmp_unreach_precedence_bits = 0
2164
icmp_unreach_df_bit = 1
2165
icmp_unreach_ip_id = !0
2166
2167
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2168
icmp_unreach_echoed_udp_cksum = 0
2169
icmp_unreach_echoed_ip_cksum = OK
2170
icmp_unreach_echoed_ip_id = OK
2171
icmp_unreach_echoed_total_len = OK
2172
icmp_unreach_echoed_3bit_flags = OK
2173
2174
#Module F [TCP SYN | ACK Module]
2175
#IP header of the TCP SYN | ACK
2176
tcp_syn_ack_tos = 0
2177
tcp_syn_ack_df = 1
2178
tcp_syn_ack_ip_id = !0
2179
tcp_syn_ack_ttl = <64
2180
2181
#Information from the TCP header
2182
tcp_syn_ack_ack = 1
2183
tcp_syn_ack_window_size = 17520
2184
tcp_syn_ack_options_order = "MSS"
2185
tcp_syn_ack_wscale = NONE
2186
tcp_syn_ack_tsval = NONE
2187
tcp_syn_ack_tsecr = NONE
2188
2189
#Module G [TCP RST|ACK]
2190
tcp_rst_reply = y
2191
tcp_rst_df = 0
2192
tcp_rst_ip_id_1 = !0
2193
tcp_rst_ip_id_2 = !0
2194
tcp_rst_ip_id_strategy = I
2195
tcp_rst_ttl = <64
2196
}
2197
2198
fingerprint {
2199
OS_ID = "FreeBSD 4.2"
2200
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2201
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2202
#Date: 11 August 2002
2203
#Modified: 05 July 2003
2204
2205
#Module A
2206
icmp_echo_reply = y
2207
2208
2209
icmp_echo_code = !0
2210
icmp_echo_ip_id = !0
2211
icmp_echo_tos_bits = !0
2212
icmp_echo_df_bit = 1
2213
icmp_echo_reply_ttl = <255
2214
2215
#Module B
2216
icmp_timestamp_reply = y
2217
icmp_timestamp_reply_ttl = <255
2218
icmp_timestamp_reply_ip_id = !0
2219
2220
#Module C
2221
icmp_addrmask_reply = n
2222
icmp_addrmask_reply_ttl = <255
2223
icmp_addrmask_reply_ip_id = !0
2224
2225
#Module D
2226
icmp_info_reply = n
2227
icmp_info_reply_ttl = <255
2228
icmp_info_reply_ip_id = !0
2229
2230
#Module E
2231
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2232
icmp_unreach_reply = y
2233
icmp_unreach_echoed_dtsize = 8
2234
icmp_unreach_reply_ttl = <255
2235
icmp_unreach_precedence_bits = 0
2236
icmp_unreach_df_bit = 1
2237
icmp_unreach_ip_id = !0
2238
2239
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2240
icmp_unreach_echoed_udp_cksum = 0
2241
icmp_unreach_echoed_ip_cksum = OK
2242
icmp_unreach_echoed_ip_id = OK
2243
icmp_unreach_echoed_total_len = OK
2244
icmp_unreach_echoed_3bit_flags = OK
2245
2246
#Module F [TCP SYN | ACK Module]
2247
#IP header of the TCP SYN | ACK
2248
tcp_syn_ack_tos = 0
2249
tcp_syn_ack_df = 1
2250
tcp_syn_ack_ip_id = !0
2251
tcp_syn_ack_ttl = <64
2252
2253
#Information from the TCP header
2254
tcp_syn_ack_ack = 1
2255
tcp_syn_ack_window_size = 17520
2256
tcp_syn_ack_options_order = "MSS"
2257
tcp_syn_ack_wscale = NONE
2258
tcp_syn_ack_tsval = NONE
2259
tcp_syn_ack_tsecr = NONE
2260
2261
#Module G [TCP RST|ACK]
2262
tcp_rst_reply = y
2263
tcp_rst_df = 0
2264
tcp_rst_ip_id_1 = !0
2265
tcp_rst_ip_id_2 = !0
2266
tcp_rst_ip_id_strategy = I
2267
tcp_rst_ttl = <64
2268
}
2269
2270
fingerprint {
2271
OS_ID = "FreeBSD 4.1.1"
2272
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2273
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2274
#Date: 11 August 2002
2275
#Modified: 30 June 2003
2276
2277
#Module A
2278
icmp_echo_reply = y
2279
2280
2281
icmp_echo_code = !0
2282
icmp_echo_ip_id = !0
2283
icmp_echo_tos_bits = !0
2284
icmp_echo_df_bit = 1
2285
icmp_echo_reply_ttl = <255
2286
2287
#Module B
2288
icmp_timestamp_reply = y
2289
icmp_timestamp_reply_ttl = <255
2290
icmp_timestamp_reply_ip_id = !0
2291
2292
#Module C
2293
icmp_addrmask_reply = n
2294
icmp_addrmask_reply_ttl = <255
2295
icmp_addrmask_reply_ip_id = !0
2296
2297
#Module D
2298
icmp_info_reply = n
2299
icmp_info_reply_ttl = <255
2300
icmp_info_reply_ip_id = !0
2301
2302
#Module E
2303
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2304
icmp_unreach_reply = y
2305
icmp_unreach_echoed_dtsize = 8
2306
icmp_unreach_reply_ttl = <255
2307
icmp_unreach_precedence_bits = 0
2308
icmp_unreach_df_bit = 1
2309
icmp_unreach_ip_id = !0
2310
2311
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2312
icmp_unreach_echoed_udp_cksum = 0
2313
icmp_unreach_echoed_ip_cksum = OK
2314
icmp_unreach_echoed_ip_id = OK
2315
icmp_unreach_echoed_total_len = OK
2316
icmp_unreach_echoed_3bit_flags = OK
2317
2318
#Module F [TCP SYN | ACK Module]
2319
#IP header of the TCP SYN | ACK
2320
tcp_syn_ack_tos = 0
2321
tcp_syn_ack_df = 1
2322
tcp_syn_ack_ip_id = !0
2323
tcp_syn_ack_ttl = <64
2324
2325
#Information from the TCP header
2326
tcp_syn_ack_ack = 1
2327
tcp_syn_ack_window_size = 17520
2328
tcp_syn_ack_options_order = "MSS"
2329
tcp_syn_ack_wscale = NONE
2330
tcp_syn_ack_tsval = NONE
2331
tcp_syn_ack_tsecr = NONE
2332
2333
#Module G [TCP RST|ACK]
2334
tcp_rst_reply = y
2335
tcp_rst_df = 0
2336
tcp_rst_ip_id_1 = !0
2337
tcp_rst_ip_id_2 = !0
2338
tcp_rst_ip_id_strategy = I
2339
tcp_rst_ttl = <64
2340
}
2341
2342
fingerprint {
2343
OS_ID = "FreeBSD 4.0"
2344
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2345
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2346
#Date: 29 July 2002
2347
#Modified: 20 March 2003
2348
2349
#Module A
2350
icmp_echo_reply = y
2351
2352
2353
icmp_echo_code = !0
2354
icmp_echo_ip_id = !0
2355
icmp_echo_tos_bits = !0
2356
icmp_echo_df_bit = 1
2357
icmp_echo_reply_ttl = <255
2358
2359
#Module B
2360
icmp_timestamp_reply = y
2361
icmp_timestamp_reply_ttl = <255
2362
icmp_timestamp_reply_ip_id = !0
2363
2364
#Module C
2365
icmp_addrmask_reply = n
2366
icmp_addrmask_reply_ttl = <255
2367
icmp_addrmask_reply_ip_id = !0
2368
2369
#Module D
2370
icmp_info_reply = n
2371
icmp_info_reply_ttl = <255
2372
icmp_info_reply_ip_id = !0
2373
2374
#Module E
2375
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2376
icmp_unreach_reply = y
2377
icmp_unreach_echoed_dtsize = 8
2378
icmp_unreach_reply_ttl = <255
2379
icmp_unreach_precedence_bits = 0
2380
icmp_unreach_df_bit = 1
2381
icmp_unreach_ip_id = !0
2382
2383
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2384
icmp_unreach_echoed_udp_cksum = 0
2385
icmp_unreach_echoed_ip_cksum = BAD
2386
icmp_unreach_echoed_ip_id = FLIPPED
2387
icmp_unreach_echoed_total_len = OK
2388
icmp_unreach_echoed_3bit_flags = FLIPPED
2389
2390
#Module F [TCP SYN | ACK Module]
2391
#IP header of the TCP SYN | ACK
2392
tcp_syn_ack_tos = 0
2393
tcp_syn_ack_df = 1
2394
tcp_syn_ack_ip_id = !0
2395
tcp_syn_ack_ttl = <64
2396
2397
#Information from the TCP header
2398
tcp_syn_ack_ack = 1
2399
tcp_syn_ack_window_size = 17520
2400
tcp_syn_ack_options_order = "MSS"
2401
tcp_syn_ack_wscale = NONE
2402
tcp_syn_ack_tsval = NONE
2403
tcp_syn_ack_tsecr = NONE
2404
2405
#Module G [TCP RST|ACK]
2406
tcp_rst_reply = y
2407
tcp_rst_df = 0
2408
tcp_rst_ip_id_1 = !0
2409
tcp_rst_ip_id_2 = !0
2410
tcp_rst_ip_id_strategy = I
2411
tcp_rst_ttl = <64
2412
}
2413
2414
fingerprint {
2415
OS_ID = "FreeBSD 3.5.1"
2416
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2417
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2418
#Date: 11 July 2003
2419
#Modified: 11 July 2003
2420
2421
#Module A
2422
icmp_echo_reply = y
2423
2424
2425
icmp_echo_code = !0
2426
icmp_echo_ip_id = !0
2427
icmp_echo_tos_bits = !0
2428
icmp_echo_df_bit = 1
2429
icmp_echo_reply_ttl = <255
2430
2431
#Module B
2432
icmp_timestamp_reply = y
2433
icmp_timestamp_reply_ttl = <255
2434
icmp_timestamp_reply_ip_id = !0
2435
2436
#Module C
2437
icmp_addrmask_reply = n
2438
icmp_addrmask_reply_ttl = <255
2439
icmp_addrmask_reply_ip_id = !0
2440
2441
#Module D
2442
icmp_info_reply = n
2443
icmp_info_reply_ttl = <255
2444
icmp_info_reply_ip_id = !0
2445
2446
#Module E
2447
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2448
icmp_unreach_reply = y
2449
icmp_unreach_echoed_dtsize = 8
2450
icmp_unreach_reply_ttl = <255
2451
icmp_unreach_precedence_bits = 0
2452
icmp_unreach_df_bit = 1
2453
icmp_unreach_ip_id = !0
2454
2455
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2456
icmp_unreach_echoed_udp_cksum = 0
2457
icmp_unreach_echoed_ip_cksum = BAD
2458
icmp_unreach_echoed_ip_id = FLIPPED
2459
icmp_unreach_echoed_total_len = OK
2460
icmp_unreach_echoed_3bit_flags = FLIPPED
2461
2462
#Module F [TCP SYN | ACK Module]
2463
#IP header of the TCP SYN | ACK
2464
tcp_syn_ack_tos = 0
2465
tcp_syn_ack_df = 1
2466
tcp_syn_ack_ip_id = !0
2467
tcp_syn_ack_ttl = <64
2468
2469
#Information from the TCP header
2470
tcp_syn_ack_ack = 1
2471
tcp_syn_ack_window_size = 17520
2472
tcp_syn_ack_options_order = "MSS"
2473
tcp_syn_ack_wscale = NONE
2474
tcp_syn_ack_tsval = NONE
2475
tcp_syn_ack_tsecr = NONE
2476
2477
#Module G [TCP RST|ACK]
2478
tcp_rst_reply = y
2479
tcp_rst_df = 0
2480
tcp_rst_ip_id_1 = !0
2481
tcp_rst_ip_id_2 = !0
2482
tcp_rst_ip_id_strategy = I
2483
tcp_rst_ttl = <64
2484
}
2485
2486
fingerprint {
2487
OS_ID = "FreeBSD 3.4"
2488
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2489
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2490
#Date: 29 July 2002
2491
#Modified: 29 June 2003
2492
2493
#Module A
2494
icmp_echo_reply = y
2495
2496
2497
icmp_echo_code = !0
2498
icmp_echo_ip_id = !0
2499
icmp_echo_tos_bits = !0
2500
icmp_echo_df_bit = 1
2501
icmp_echo_reply_ttl = <255
2502
2503
#Module B
2504
icmp_timestamp_reply = y
2505
icmp_timestamp_reply_ttl = <255
2506
icmp_timestamp_reply_ip_id = !0
2507
2508
#Module C
2509
icmp_addrmask_reply = n
2510
icmp_addrmask_reply_ttl = <255
2511
icmp_addrmask_reply_ip_id = !0
2512
2513
#Module D
2514
icmp_info_reply = n
2515
icmp_info_reply_ttl = <255
2516
icmp_info_reply_ip_id = !0
2517
2518
#Module E
2519
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2520
icmp_unreach_reply = y
2521
icmp_unreach_echoed_dtsize = 8
2522
icmp_unreach_reply_ttl = <255
2523
icmp_unreach_precedence_bits = 0
2524
icmp_unreach_df_bit = 1
2525
icmp_unreach_ip_id = !0
2526
2527
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2528
icmp_unreach_echoed_udp_cksum = 0
2529
icmp_unreach_echoed_ip_cksum = BAD
2530
icmp_unreach_echoed_ip_id = FLIPPED
2531
icmp_unreach_echoed_total_len = OK
2532
icmp_unreach_echoed_3bit_flags = FLIPPED
2533
2534
#Module F [TCP SYN | ACK Module]
2535
#IP header of the TCP SYN | ACK
2536
tcp_syn_ack_tos = 0
2537
tcp_syn_ack_df = 1
2538
tcp_syn_ack_ip_id = !0
2539
tcp_syn_ack_ttl = <64
2540
2541
#Information from the TCP header
2542
tcp_syn_ack_ack = 1
2543
tcp_syn_ack_window_size = 17520
2544
tcp_syn_ack_options_order = "MSS"
2545
tcp_syn_ack_wscale = NONE
2546
tcp_syn_ack_tsval = NONE
2547
tcp_syn_ack_tsecr = NONE
2548
2549
#Module G [TCP RST|ACK]
2550
tcp_rst_reply = y
2551
tcp_rst_df = 0
2552
tcp_rst_ip_id_1 = !0
2553
tcp_rst_ip_id_2 = !0
2554
tcp_rst_ip_id_strategy = I
2555
tcp_rst_ttl = <64
2556
}
2557
2558
fingerprint {
2559
OS_ID = "FreeBSD 3.3"
2560
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2561
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2562
#Date: 11 August 2002
2563
#Modified: 11 July 2003
2564
2565
#Module A
2566
icmp_echo_reply = y
2567
2568
2569
icmp_echo_code = !0
2570
icmp_echo_ip_id = !0
2571
icmp_echo_tos_bits = !0
2572
icmp_echo_df_bit = 1
2573
icmp_echo_reply_ttl = <255
2574
2575
#Module B
2576
icmp_timestamp_reply = y
2577
icmp_timestamp_reply_ttl = <255
2578
icmp_timestamp_reply_ip_id = !0
2579
2580
#Module C
2581
icmp_addrmask_reply = n
2582
icmp_addrmask_reply_ttl = <255
2583
icmp_addrmask_reply_ip_id = !0
2584
2585
#Module D
2586
icmp_info_reply = n
2587
icmp_info_reply_ttl = <255
2588
icmp_info_reply_ip_id = !0
2589
2590
#Module E
2591
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2592
icmp_unreach_reply = y
2593
icmp_unreach_echoed_dtsize = 8
2594
icmp_unreach_reply_ttl = <255
2595
icmp_unreach_precedence_bits = 0
2596
icmp_unreach_df_bit = 1
2597
icmp_unreach_ip_id = !0
2598
2599
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2600
icmp_unreach_echoed_udp_cksum = 0
2601
icmp_unreach_echoed_ip_cksum = BAD
2602
icmp_unreach_echoed_ip_id = FLIPPED
2603
icmp_unreach_echoed_total_len = OK
2604
icmp_unreach_echoed_3bit_flags = FLIPPED
2605
2606
#Module F [TCP SYN | ACK Module]
2607
#IP header of the TCP SYN | ACK
2608
tcp_syn_ack_tos = 0
2609
tcp_syn_ack_df = 1
2610
tcp_syn_ack_ip_id = !0
2611
tcp_syn_ack_ttl = <64
2612
2613
#Information from the TCP header
2614
tcp_syn_ack_ack = 1
2615
tcp_syn_ack_window_size = 17520
2616
tcp_syn_ack_options_order = "MSS"
2617
tcp_syn_ack_wscale = NONE
2618
tcp_syn_ack_tsval = NONE
2619
tcp_syn_ack_tsecr = NONE
2620
2621
#Module G [TCP RST|ACK]
2622
tcp_rst_reply = y
2623
tcp_rst_df = 0
2624
tcp_rst_ip_id_1 = !0
2625
tcp_rst_ip_id_2 = !0
2626
tcp_rst_ip_id_strategy = I
2627
tcp_rst_ttl = <64
2628
}
2629
2630
fingerprint {
2631
OS_ID = "FreeBSD 3.2"
2632
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2633
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2634
#Date: 11 August 2002
2635
#Modified: 11 July 2003
2636
2637
#Module A
2638
icmp_echo_reply = y
2639
2640
2641
icmp_echo_code = !0
2642
icmp_echo_ip_id = !0
2643
icmp_echo_tos_bits = !0
2644
icmp_echo_df_bit = 1
2645
icmp_echo_reply_ttl = <255
2646
2647
#Module B
2648
icmp_timestamp_reply = y
2649
icmp_timestamp_reply_ttl = <255
2650
icmp_timestamp_reply_ip_id = !0
2651
2652
#Module C
2653
icmp_addrmask_reply = n
2654
icmp_addrmask_reply_ttl = <255
2655
icmp_addrmask_reply_ip_id = !0
2656
2657
#Module D
2658
icmp_info_reply = n
2659
icmp_info_reply_ttl = <255
2660
icmp_info_reply_ip_id = !0
2661
2662
#Module E
2663
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2664
icmp_unreach_reply = y
2665
icmp_unreach_echoed_dtsize = 8
2666
icmp_unreach_reply_ttl = <255
2667
icmp_unreach_precedence_bits = 0
2668
icmp_unreach_df_bit = 1
2669
icmp_unreach_ip_id = !0
2670
2671
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2672
icmp_unreach_echoed_udp_cksum = 0
2673
icmp_unreach_echoed_ip_cksum = BAD
2674
icmp_unreach_echoed_ip_id = FLIPPED
2675
icmp_unreach_echoed_total_len = OK
2676
icmp_unreach_echoed_3bit_flags = FLIPPED
2677
2678
#Module F [TCP SYN | ACK Module]
2679
#IP header of the TCP SYN | ACK
2680
tcp_syn_ack_tos = 0
2681
tcp_syn_ack_df = 1
2682
tcp_syn_ack_ip_id = !0
2683
tcp_syn_ack_ttl = <64
2684
2685
#Information from the TCP header
2686
tcp_syn_ack_ack = 1
2687
tcp_syn_ack_window_size = 17520
2688
tcp_syn_ack_options_order = "MSS"
2689
tcp_syn_ack_wscale = NONE
2690
tcp_syn_ack_tsval = NONE
2691
tcp_syn_ack_tsecr = NONE
2692
2693
#Module G [TCP RST|ACK]
2694
tcp_rst_reply = y
2695
tcp_rst_df = 0
2696
tcp_rst_ip_id_1 = !0
2697
tcp_rst_ip_id_2 = !0
2698
tcp_rst_ip_id_strategy = I
2699
tcp_rst_ttl = <64
2700
}
2701
2702
fingerprint {
2703
OS_ID = "FreeBSD 3.1"
2704
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2705
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2706
#Date: 11 August 2002
2707
#Modified: 11 July 2003
2708
2709
#Module A
2710
icmp_echo_reply = y
2711
2712
2713
icmp_echo_code = !0
2714
icmp_echo_ip_id = !0
2715
icmp_echo_tos_bits = !0
2716
icmp_echo_df_bit = 1
2717
icmp_echo_reply_ttl = <255
2718
2719
#Module B
2720
icmp_timestamp_reply = y
2721
icmp_timestamp_reply_ttl = <255
2722
icmp_timestamp_reply_ip_id = !0
2723
2724
#Module C
2725
icmp_addrmask_reply = n
2726
icmp_addrmask_reply_ttl = <255
2727
icmp_addrmask_reply_ip_id = !0
2728
2729
#Module D
2730
icmp_info_reply = n
2731
icmp_info_reply_ttl = <255
2732
icmp_info_reply_ip_id = !0
2733
2734
#Module E
2735
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2736
icmp_unreach_reply = y
2737
icmp_unreach_echoed_dtsize = 8
2738
icmp_unreach_reply_ttl = <255
2739
icmp_unreach_precedence_bits = 0
2740
icmp_unreach_df_bit = 1
2741
icmp_unreach_ip_id = !0
2742
2743
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2744
icmp_unreach_echoed_udp_cksum = 0
2745
icmp_unreach_echoed_ip_cksum = BAD
2746
icmp_unreach_echoed_ip_id = FLIPPED
2747
icmp_unreach_echoed_total_len = OK
2748
icmp_unreach_echoed_3bit_flags = FLIPPED
2749
2750
#Module F [TCP SYN | ACK Module]
2751
#IP header of the TCP SYN | ACK
2752
tcp_syn_ack_tos = 0
2753
tcp_syn_ack_df = 1
2754
tcp_syn_ack_ip_id = !0
2755
tcp_syn_ack_ttl = <64
2756
2757
#Information from the TCP header
2758
tcp_syn_ack_ack = 1
2759
tcp_syn_ack_window_size = 17520
2760
tcp_syn_ack_options_order = "MSS"
2761
tcp_syn_ack_wscale = NONE
2762
tcp_syn_ack_tsval = NONE
2763
tcp_syn_ack_tsecr = NONE
2764
2765
#Module G [TCP RST|ACK]
2766
tcp_rst_reply = y
2767
tcp_rst_df = 0
2768
tcp_rst_ip_id_1 = !0
2769
tcp_rst_ip_id_2 = !0
2770
tcp_rst_ip_id_strategy = I
2771
tcp_rst_ttl = <64
2772
}
2773
2774
fingerprint {
2775
OS_ID = "FreeBSD 2.2.8"
2776
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2777
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2778
#Date: 11 August 2002
2779
#Modified: 11 July 2003
2780
2781
#Module A
2782
icmp_echo_reply = y
2783
2784
2785
icmp_echo_code = !0
2786
icmp_echo_ip_id = !0
2787
icmp_echo_tos_bits = !0
2788
icmp_echo_df_bit = 1
2789
icmp_echo_reply_ttl = <255
2790
2791
#Module B
2792
icmp_timestamp_reply = y
2793
icmp_timestamp_reply_ttl = <255
2794
icmp_timestamp_reply_ip_id = !0
2795
2796
#Module C
2797
icmp_addrmask_reply = n
2798
icmp_addrmask_reply_ttl = <255
2799
icmp_addrmask_reply_ip_id = !0
2800
2801
#Module D
2802
icmp_info_reply = n
2803
icmp_info_reply_ttl = <255
2804
icmp_info_reply_ip_id = !0
2805
2806
#Module E
2807
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2808
icmp_unreach_reply = y
2809
icmp_unreach_echoed_dtsize = 8
2810
icmp_unreach_reply_ttl = <255
2811
icmp_unreach_precedence_bits = 0
2812
icmp_unreach_df_bit = 1
2813
icmp_unreach_ip_id = !0
2814
2815
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2816
icmp_unreach_echoed_udp_cksum = 0
2817
icmp_unreach_echoed_ip_cksum = BAD
2818
icmp_unreach_echoed_ip_id = FLIPPED
2819
icmp_unreach_echoed_total_len = OK
2820
icmp_unreach_echoed_3bit_flags = FLIPPED
2821
2822
#Module F [TCP SYN | ACK Module]
2823
#IP header of the TCP SYN | ACK
2824
tcp_syn_ack_tos = 0
2825
tcp_syn_ack_df = 1
2826
tcp_syn_ack_ip_id = !0
2827
tcp_syn_ack_ttl = <64
2828
2829
#Information from the TCP header
2830
tcp_syn_ack_ack = 1
2831
tcp_syn_ack_window_size = 17376
2832
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
2833
tcp_syn_ack_wscale = 0
2834
tcp_syn_ack_tsval = !0
2835
tcp_syn_ack_tsecr = !0
2836
2837
#Module G [TCP RST|ACK]
2838
tcp_rst_reply = y
2839
tcp_rst_df = 0
2840
tcp_rst_ip_id_1 = !0
2841
tcp_rst_ip_id_2 = !0
2842
tcp_rst_ip_id_strategy = I
2843
tcp_rst_ttl = <64
2844
}
2845
2846
fingerprint {
2847
OS_ID = "FreeBSD 2.2.7"
2848
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2849
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2850
#Date: 11 August 2002
2851
#Modified: 11 July 2003
2852
2853
#Module A
2854
icmp_echo_reply = y
2855
2856
2857
icmp_echo_code = !0
2858
icmp_echo_ip_id = !0
2859
icmp_echo_tos_bits = !0
2860
icmp_echo_df_bit = 1
2861
icmp_echo_reply_ttl = <255
2862
2863
#Module B
2864
icmp_timestamp_reply = y
2865
icmp_timestamp_reply_ttl = <255
2866
icmp_timestamp_reply_ip_id = !0
2867
2868
#Module C
2869
icmp_addrmask_reply = n
2870
icmp_addrmask_reply_ttl = <255
2871
icmp_addrmask_reply_ip_id = !0
2872
2873
#Module D
2874
icmp_info_reply = n
2875
icmp_info_reply_ttl = <255
2876
icmp_info_reply_ip_id = !0
2877
2878
#Module E
2879
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2880
icmp_unreach_reply = y
2881
icmp_unreach_echoed_dtsize = 8
2882
icmp_unreach_reply_ttl = <255
2883
icmp_unreach_precedence_bits = 0
2884
icmp_unreach_df_bit = 1
2885
icmp_unreach_ip_id = !0
2886
2887
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2888
icmp_unreach_echoed_udp_cksum = 0
2889
icmp_unreach_echoed_ip_cksum = BAD
2890
icmp_unreach_echoed_ip_id = FLIPPED
2891
icmp_unreach_echoed_total_len = OK
2892
icmp_unreach_echoed_3bit_flags = FLIPPED
2893
2894
#Module F [TCP SYN | ACK Module]
2895
#IP header of the TCP SYN | ACK
2896
tcp_syn_ack_tos = 0
2897
tcp_syn_ack_df = 1
2898
tcp_syn_ack_ip_id = !0
2899
tcp_syn_ack_ttl = <64
2900
2901
#Information from the TCP header
2902
tcp_syn_ack_ack = 1
2903
tcp_syn_ack_window_size = 17376
2904
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
2905
tcp_syn_ack_wscale = 0
2906
tcp_syn_ack_tsval = !0
2907
tcp_syn_ack_tsecr = !0
2908
2909
#Module G [TCP RST|ACK]
2910
tcp_rst_reply = y
2911
tcp_rst_df = 0
2912
tcp_rst_ip_id_1 = !0
2913
tcp_rst_ip_id_2 = !0
2914
tcp_rst_ip_id_strategy = I
2915
tcp_rst_ttl = <64
2916
}
2917
2918
2919
#HP
2920
2921
fingerprint {
2922
OS_ID = "HP UX 11.0x"
2923
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2924
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2925
#Date: 14 July 2003
2926
#Modified: 14 July 2003
2927
2928
#Module A
2929
icmp_echo_reply = y
2930
2931
2932
icmp_echo_code = !0
2933
icmp_echo_ip_id = !0
2934
icmp_echo_tos_bits = !0
2935
icmp_echo_df_bit = 1
2936
icmp_echo_reply_ttl = <255
2937
2938
#Module B
2939
icmp_timestamp_reply = n
2940
icmp_timestamp_reply_ttl = <255
2941
icmp_timestamp_reply_ip_id = !0
2942
2943
#Module C
2944
icmp_addrmask_reply = n
2945
icmp_addrmask_reply_ttl = <255
2946
icmp_addrmask_reply_ip_id = !0
2947
2948
#Module D
2949
icmp_info_reply = n
2950
icmp_info_reply_ttl = <255
2951
icmp_info_reply_ip_id = !0
2952
2953
#Module E
2954
#IP_Header_of_the_UDP_Port_Unreachable_error_message
2955
icmp_unreach_reply = y
2956
icmp_unreach_echoed_dtsize = 64
2957
icmp_unreach_reply_ttl = <255
2958
icmp_unreach_precedence_bits = 0
2959
icmp_unreach_df_bit = 1
2960
icmp_unreach_ip_id = !0
2961
2962
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
2963
icmp_unreach_echoed_udp_cksum = OK
2964
icmp_unreach_echoed_ip_cksum = OK
2965
icmp_unreach_echoed_ip_id = OK
2966
icmp_unreach_echoed_total_len = OK
2967
icmp_unreach_echoed_3bit_flags = OK
2968
2969
#Module F [TCP SYN | ACK Module]
2970
#IP header of the TCP SYN | ACK
2971
tcp_syn_ack_tos = 0
2972
tcp_syn_ack_df = 1
2973
tcp_syn_ack_ip_id = !0
2974
tcp_syn_ack_ttl = <64
2975
2976
#Information from the TCP header
2977
tcp_syn_ack_ack = 1
2978
tcp_syn_ack_window_size = 32768
2979
tcp_syn_ack_options_order = "MSS NOP NOP SACK WSCALE NOP NOP NOP TIMESTAMP"
2980
tcp_syn_ack_wscale = 0
2981
tcp_syn_ack_tsval = !0
2982
tcp_syn_ack_tsecr = !0
2983
2984
#Module G [TCP RST|ACK]
2985
tcp_rst_reply = y
2986
tcp_rst_df = 1
2987
tcp_rst_ip_id_1 = !0
2988
tcp_rst_ip_id_2 = !0
2989
tcp_rst_ip_id_strategy = I
2990
tcp_rst_ttl = <64
2991
}
2992
2993
fingerprint {
2994
OS_ID = "HP UX 11.0"
2995
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
2996
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
2997
#Date: 11 August 2002
2998
#Modified: 1 July 2003
2999
3000
#Module A
3001
icmp_echo_reply = y
3002
3003
3004
icmp_echo_code = !0
3005
icmp_echo_ip_id = !0
3006
icmp_echo_tos_bits = !0
3007
icmp_echo_df_bit = 1
3008
icmp_echo_reply_ttl = <255
3009
3010
#Module B
3011
icmp_timestamp_reply = n
3012
icmp_timestamp_reply_ttl = <255
3013
icmp_timestamp_reply_ip_id = !0
3014
3015
#Module C
3016
icmp_addrmask_reply = y
3017
icmp_addrmask_reply_ttl = <255
3018
icmp_addrmask_reply_ip_id = !0
3019
3020
#Module D
3021
icmp_info_reply = n
3022
icmp_info_reply_ttl = <255
3023
icmp_info_reply_ip_id = !0
3024
3025
#Module E
3026
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3027
icmp_unreach_reply = y
3028
icmp_unreach_echoed_dtsize = 64
3029
icmp_unreach_reply_ttl = <255
3030
icmp_unreach_precedence_bits = 0
3031
icmp_unreach_df_bit = 1
3032
icmp_unreach_ip_id = !0
3033
3034
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3035
icmp_unreach_echoed_udp_cksum = OK
3036
icmp_unreach_echoed_ip_cksum = OK
3037
icmp_unreach_echoed_ip_id = OK
3038
icmp_unreach_echoed_total_len = OK
3039
icmp_unreach_echoed_3bit_flags = OK
3040
3041
#Module F [TCP SYN | ACK Module]
3042
#IP header of the TCP SYN | ACK
3043
tcp_syn_ack_tos = 0
3044
tcp_syn_ack_df = 1
3045
tcp_syn_ack_ip_id = !0
3046
tcp_syn_ack_ttl = <64
3047
3048
#Information from the TCP header
3049
tcp_syn_ack_ack = 1
3050
tcp_syn_ack_window_size = 32768
3051
tcp_syn_ack_options_order = "MSS NOP NOP SACK WSCALE NOP NOP NOP TIMESTAMP"
3052
tcp_syn_ack_wscale = 0
3053
tcp_syn_ack_tsval = !0
3054
tcp_syn_ack_tsecr = !0
3055
3056
#Module G [TCP RST|ACK]
3057
tcp_rst_reply = y
3058
tcp_rst_df = 1
3059
tcp_rst_ip_id_1 = !0
3060
tcp_rst_ip_id_2 = !0
3061
tcp_rst_ip_id_strategy = I
3062
tcp_rst_ttl = <64
3063
}
3064
3065
fingerprint {
3066
OS_ID = "HP JetDirect ROM A.03.17 EEPROM A.04.09"
3067
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3068
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3069
#Date: 04 July 2003
3070
#Modified: 04 July 2003
3071
3072
#Module A [ICMP ECHO Probe]
3073
icmp_echo_reply = y
3074
3075
3076
icmp_echo_code = 0
3077
icmp_echo_ip_id = !0
3078
icmp_echo_tos_bits = 0
3079
icmp_echo_df_bit = 0
3080
icmp_echo_reply_ttl = <60
3081
3082
#Module B [ICMP Timestamp Probe]
3083
icmp_timestamp_reply = n
3084
icmp_timestamp_reply_ttl = <60
3085
icmp_timestamp_reply_ip_id = !0
3086
3087
#Module C [ICMP Address Mask Request Probe]
3088
icmp_addrmask_reply = n
3089
icmp_addrmask_reply_ttl = <60
3090
icmp_addrmask_reply_ip_id = !0
3091
3092
#Module D [ICMP Information Request Probe]
3093
icmp_info_reply = n
3094
icmp_info_reply_ttl = <60
3095
icmp_info_reply_ip_id = !0
3096
3097
#Module E [UDP -> ICMP Unreachable probe]
3098
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3099
icmp_unreach_reply = y
3100
icmp_unreach_echoed_dtsize = 8
3101
icmp_unreach_reply_ttl = <60
3102
icmp_unreach_precedence_bits = 0
3103
icmp_unreach_df_bit = 0
3104
icmp_unreach_ip_id = !0
3105
3106
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3107
icmp_unreach_echoed_udp_cksum = OK
3108
icmp_unreach_echoed_ip_cksum = 0
3109
icmp_unreach_echoed_ip_id = OK
3110
icmp_unreach_echoed_total_len = OK
3111
icmp_unreach_echoed_3bit_flags = OK
3112
3113
#Module F [TCP SYN | ACK Module]
3114
#IP header of the TCP SYN ACK
3115
tcp_syn_ack_tos = 0
3116
tcp_syn_ack_df = 0
3117
tcp_syn_ack_ip_id = !0
3118
tcp_syn_ack_ttl = <60
3119
3120
#Information from the TCP header
3121
tcp_syn_ack_ack = 1
3122
tcp_syn_ack_window_size = 5840
3123
tcp_syn_ack_options_order = "MSS"
3124
tcp_syn_ack_wscale = NONE
3125
tcp_syn_ack_tsval = NONE
3126
tcp_syn_ack_tsecr = NONE
3127
3128
#Module G [TCP RST|ACK]
3129
tcp_rst_reply = y
3130
tcp_rst_df = 0
3131
tcp_rst_ip_id_1 = !0
3132
tcp_rst_ip_id_2 = !0
3133
tcp_rst_ip_id_strategy = I
3134
tcp_rst_ttl = <60
3135
}
3136
3137
fingerprint {
3138
OS_ID = "HP JetDirect ROM A.05.03 EEPROM A.05.05"
3139
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3140
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3141
#Date: 04 July 2003
3142
#Modified: 04 July 2003
3143
3144
#Module A [ICMP ECHO Probe]
3145
icmp_echo_reply = y
3146
3147
3148
icmp_echo_code = 0
3149
icmp_echo_ip_id = !0
3150
icmp_echo_tos_bits = 0
3151
icmp_echo_df_bit = 0
3152
icmp_echo_reply_ttl = <60
3153
3154
#Module B [ICMP Timestamp Probe]
3155
icmp_timestamp_reply = n
3156
icmp_timestamp_reply_ttl = <60
3157
icmp_timestamp_reply_ip_id = !0
3158
3159
#Module C [ICMP Address Mask Request Probe]
3160
icmp_addrmask_reply = n
3161
icmp_addrmask_reply_ttl = <60
3162
icmp_addrmask_reply_ip_id = !0
3163
3164
#Module D [ICMP Information Request Probe]
3165
icmp_info_reply = n
3166
icmp_info_reply_ttl = <60
3167
icmp_info_reply_ip_id = !0
3168
3169
#Module E [UDP -> ICMP Unreachable probe]
3170
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3171
icmp_unreach_reply = y
3172
icmp_unreach_echoed_dtsize = 8
3173
icmp_unreach_reply_ttl = <60
3174
icmp_unreach_precedence_bits = 0
3175
icmp_unreach_df_bit = 0
3176
icmp_unreach_ip_id = !0
3177
3178
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3179
icmp_unreach_echoed_udp_cksum = OK
3180
icmp_unreach_echoed_ip_cksum = 0
3181
icmp_unreach_echoed_ip_id = OK
3182
icmp_unreach_echoed_total_len = OK
3183
icmp_unreach_echoed_3bit_flags = OK
3184
3185
#Module F [TCP SYN | ACK Module]
3186
#IP header of the TCP SYN ACK
3187
tcp_syn_ack_tos = 0
3188
tcp_syn_ack_df = 0
3189
tcp_syn_ack_ip_id = !0
3190
tcp_syn_ack_ttl = <60
3191
3192
#Information from the TCP header
3193
tcp_syn_ack_ack = 1
3194
tcp_syn_ack_window_size = 5840
3195
tcp_syn_ack_options_order = "MSS"
3196
tcp_syn_ack_wscale = NONE
3197
tcp_syn_ack_tsval = NONE
3198
tcp_syn_ack_tsecr = NONE
3199
3200
#Module G [TCP RST|ACK]
3201
tcp_rst_reply = y
3202
tcp_rst_df = 0
3203
tcp_rst_ip_id_1 = !0
3204
tcp_rst_ip_id_2 = !0
3205
tcp_rst_ip_id_strategy = I
3206
tcp_rst_ttl = <60
3207
}
3208
3209
3210
fingerprint {
3211
OS_ID = "HP JetDirect ROM F.08.01 EEPROM F.08.05"
3212
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3213
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3214
#Date: 12 February 2005
3215
#Modified: -
3216
3217
#Module A [ICMP ECHO Probe]
3218
icmp_echo_reply = y
3219
3220
3221
icmp_echo_code = 0
3222
icmp_echo_ip_id = !0
3223
icmp_echo_tos_bits = 0
3224
icmp_echo_df_bit = 0
3225
icmp_echo_reply_ttl = <60
3226
3227
#Module B [ICMP Timestamp Probe]
3228
icmp_timestamp_reply = n
3229
icmp_timestamp_reply_ttl = <60
3230
icmp_timestamp_reply_ip_id = !0
3231
3232
#Module C [ICMP Address Mask Request Probe]
3233
icmp_addrmask_reply = n
3234
icmp_addrmask_reply_ttl = <60
3235
icmp_addrmask_reply_ip_id = !0
3236
3237
#Module D [ICMP Information Request Probe]
3238
icmp_info_reply = n
3239
icmp_info_reply_ttl = <60
3240
icmp_info_reply_ip_id = !0
3241
3242
#Module E [UDP -> ICMP Unreachable probe]
3243
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3244
icmp_unreach_reply = y
3245
icmp_unreach_echoed_dtsize = 8
3246
icmp_unreach_reply_ttl = <60
3247
icmp_unreach_precedence_bits = 0
3248
icmp_unreach_df_bit = 0
3249
icmp_unreach_ip_id = !0
3250
3251
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3252
icmp_unreach_echoed_udp_cksum = OK
3253
icmp_unreach_echoed_ip_cksum = OK
3254
icmp_unreach_echoed_ip_id = OK
3255
icmp_unreach_echoed_total_len = OK
3256
icmp_unreach_echoed_3bit_flags = OK
3257
3258
#Module F [TCP SYN | ACK Module]
3259
#IP header of the TCP SYN ACK
3260
tcp_syn_ack_tos = 0
3261
tcp_syn_ack_df = 0
3262
tcp_syn_ack_ip_id = !0
3263
tcp_syn_ack_ttl = <60
3264
3265
#Information from the TCP header
3266
tcp_syn_ack_ack = 1
3267
tcp_syn_ack_window_size = 5840
3268
tcp_syn_ack_options_order = "MSS"
3269
tcp_syn_ack_wscale = NONE
3270
tcp_syn_ack_tsval = NONE
3271
tcp_syn_ack_tsecr = NONE
3272
3273
#Module G [TCP RST|ACK]
3274
tcp_rst_reply = y
3275
tcp_rst_df = 0
3276
tcp_rst_ip_id_1 = !0
3277
tcp_rst_ip_id_2 = !0
3278
tcp_rst_ip_id_strategy = I
3279
tcp_rst_ttl = <60
3280
}
3281
3282
3283
fingerprint {
3284
OS_ID = "HP JetDirect ROM F.08.08 EEPROM F.08.05"
3285
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3286
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3287
#Date: 12 February 2005
3288
#Modified: -
3289
3290
#Module A [ICMP ECHO Probe]
3291
icmp_echo_reply = y
3292
3293
3294
icmp_echo_code = 0
3295
icmp_echo_ip_id = !0
3296
icmp_echo_tos_bits = 0
3297
icmp_echo_df_bit = 0
3298
icmp_echo_reply_ttl = <60
3299
3300
#Module B [ICMP Timestamp Probe]
3301
icmp_timestamp_reply = n
3302
icmp_timestamp_reply_ttl = <60
3303
icmp_timestamp_reply_ip_id = !0
3304
3305
#Module C [ICMP Address Mask Request Probe]
3306
icmp_addrmask_reply = n
3307
icmp_addrmask_reply_ttl = <60
3308
icmp_addrmask_reply_ip_id = !0
3309
3310
#Module D [ICMP Information Request Probe]
3311
icmp_info_reply = n
3312
icmp_info_reply_ttl = <60
3313
icmp_info_reply_ip_id = !0
3314
3315
#Module E [UDP -> ICMP Unreachable probe]
3316
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3317
icmp_unreach_reply = y
3318
icmp_unreach_echoed_dtsize = 8
3319
icmp_unreach_reply_ttl = <60
3320
icmp_unreach_precedence_bits = 0
3321
icmp_unreach_df_bit = 0
3322
icmp_unreach_ip_id = !0
3323
3324
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3325
icmp_unreach_echoed_udp_cksum = OK
3326
icmp_unreach_echoed_ip_cksum = OK
3327
icmp_unreach_echoed_ip_id = OK
3328
icmp_unreach_echoed_total_len = OK
3329
icmp_unreach_echoed_3bit_flags = OK
3330
3331
#Module F [TCP SYN | ACK Module]
3332
#IP header of the TCP SYN ACK
3333
tcp_syn_ack_tos = 0
3334
tcp_syn_ack_df = 0
3335
tcp_syn_ack_ip_id = !0
3336
tcp_syn_ack_ttl = <60
3337
3338
#Information from the TCP header
3339
tcp_syn_ack_ack = 1
3340
tcp_syn_ack_window_size = 5840
3341
tcp_syn_ack_options_order = "MSS"
3342
tcp_syn_ack_wscale = NONE
3343
tcp_syn_ack_tsval = NONE
3344
tcp_syn_ack_tsecr = NONE
3345
3346
#Module G [TCP RST|ACK]
3347
tcp_rst_reply = y
3348
tcp_rst_df = 0
3349
tcp_rst_ip_id_1 = !0
3350
tcp_rst_ip_id_2 = !0
3351
tcp_rst_ip_id_strategy = I
3352
tcp_rst_ttl = <60
3353
}
3354
3355
3356
fingerprint {
3357
OS_ID = "HP JetDirect ROM F.08.08 EEPROM F.08.20"
3358
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3359
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3360
#Date: 12 February 2005
3361
#Modified: -
3362
3363
#Module A [ICMP ECHO Probe]
3364
icmp_echo_reply = y
3365
3366
3367
icmp_echo_code = 0
3368
icmp_echo_ip_id = !0
3369
icmp_echo_tos_bits = 0
3370
icmp_echo_df_bit = 0
3371
icmp_echo_reply_ttl = <60
3372
3373
#Module B [ICMP Timestamp Probe]
3374
icmp_timestamp_reply = n
3375
icmp_timestamp_reply_ttl = <60
3376
icmp_timestamp_reply_ip_id = !0
3377
3378
#Module C [ICMP Address Mask Request Probe]
3379
icmp_addrmask_reply = n
3380
icmp_addrmask_reply_ttl = <60
3381
icmp_addrmask_reply_ip_id = !0
3382
3383
#Module D [ICMP Information Request Probe]
3384
icmp_info_reply = n
3385
icmp_info_reply_ttl = <60
3386
icmp_info_reply_ip_id = !0
3387
3388
#Module E [UDP -> ICMP Unreachable probe]
3389
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3390
icmp_unreach_reply = y
3391
icmp_unreach_echoed_dtsize = 8
3392
icmp_unreach_reply_ttl = <60
3393
icmp_unreach_precedence_bits = 0
3394
icmp_unreach_df_bit = 0
3395
icmp_unreach_ip_id = !0
3396
3397
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3398
icmp_unreach_echoed_udp_cksum = OK
3399
icmp_unreach_echoed_ip_cksum = OK
3400
icmp_unreach_echoed_ip_id = OK
3401
icmp_unreach_echoed_total_len = OK
3402
icmp_unreach_echoed_3bit_flags = OK
3403
3404
#Module F [TCP SYN | ACK Module]
3405
#IP header of the TCP SYN ACK
3406
tcp_syn_ack_tos = 0
3407
tcp_syn_ack_df = 0
3408
tcp_syn_ack_ip_id = !0
3409
tcp_syn_ack_ttl = <60
3410
3411
#Information from the TCP header
3412
tcp_syn_ack_ack = 1
3413
tcp_syn_ack_window_size = 5840
3414
tcp_syn_ack_options_order = "MSS"
3415
tcp_syn_ack_wscale = NONE
3416
tcp_syn_ack_tsval = NONE
3417
tcp_syn_ack_tsecr = NONE
3418
3419
#Module G [TCP RST|ACK]
3420
tcp_rst_reply = y
3421
tcp_rst_df = 0
3422
tcp_rst_ip_id_1 = !0
3423
tcp_rst_ip_id_2 = !0
3424
tcp_rst_ip_id_strategy = I
3425
tcp_rst_ttl = <60
3426
}
3427
3428
3429
fingerprint {
3430
OS_ID = "HP JetDirect ROM G.05.34 EEPROM G.05.35"
3431
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3432
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3433
#Date: 04 July 2003
3434
#Modified: 04 July 2003
3435
3436
#Module A [ICMP ECHO Probe]
3437
icmp_echo_reply = y
3438
3439
3440
icmp_echo_code = 0
3441
icmp_echo_ip_id = !0
3442
icmp_echo_tos_bits = 0
3443
icmp_echo_df_bit = 0
3444
icmp_echo_reply_ttl = <60
3445
3446
#Module B [ICMP Timestamp Probe]
3447
icmp_timestamp_reply = n
3448
icmp_timestamp_reply_ttl = <60
3449
icmp_timestamp_reply_ip_id = !0
3450
3451
#Module C [ICMP Address Mask Request Probe]
3452
icmp_addrmask_reply = n
3453
icmp_addrmask_reply_ttl = <60
3454
icmp_addrmask_reply_ip_id = !0
3455
3456
#Module D [ICMP Information Request Probe]
3457
icmp_info_reply = n
3458
icmp_info_reply_ttl = <60
3459
icmp_info_reply_ip_id = !0
3460
3461
#Module E [UDP -> ICMP Unreachable probe]
3462
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3463
icmp_unreach_reply = y
3464
icmp_unreach_echoed_dtsize = 8
3465
icmp_unreach_reply_ttl = <60
3466
icmp_unreach_precedence_bits = 0
3467
icmp_unreach_df_bit = 0
3468
icmp_unreach_ip_id = !0
3469
3470
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3471
icmp_unreach_echoed_udp_cksum = OK
3472
icmp_unreach_echoed_ip_cksum = 0
3473
icmp_unreach_echoed_ip_id = OK
3474
icmp_unreach_echoed_total_len = OK
3475
icmp_unreach_echoed_3bit_flags = OK
3476
3477
#Module F [TCP SYN | ACK Module]
3478
#IP header of the TCP SYN ACK
3479
tcp_syn_ack_tos = 0
3480
tcp_syn_ack_df = 0
3481
tcp_syn_ack_ip_id = !0
3482
tcp_syn_ack_ttl = <60
3483
3484
#Information from the TCP header
3485
tcp_syn_ack_ack = 1
3486
tcp_syn_ack_window_size = 5840
3487
tcp_syn_ack_options_order = "MSS"
3488
tcp_syn_ack_wscale = NONE
3489
tcp_syn_ack_tsval = NONE
3490
tcp_syn_ack_tsecr = NONE
3491
3492
#Module G [TCP RST|ACK]
3493
tcp_rst_reply = y
3494
tcp_rst_df = 0
3495
tcp_rst_ip_id_1 = !0
3496
tcp_rst_ip_id_2 = !0
3497
tcp_rst_ip_id_strategy = I
3498
tcp_rst_ttl = <60
3499
}
3500
3501
fingerprint {
3502
OS_ID = "HP JetDirect ROM G.06.00 EEPROM G.06.00"
3503
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3504
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3505
#Date: 12 February 2005
3506
#Modified: -
3507
3508
#Module A [ICMP ECHO Probe]
3509
icmp_echo_reply = y
3510
3511
3512
icmp_echo_code = 0
3513
icmp_echo_ip_id = !0
3514
icmp_echo_tos_bits = 0
3515
icmp_echo_df_bit = 0
3516
icmp_echo_reply_ttl = <60
3517
3518
#Module B [ICMP Timestamp Probe]
3519
icmp_timestamp_reply = n
3520
icmp_timestamp_reply_ttl = <60
3521
icmp_timestamp_reply_ip_id = !0
3522
3523
#Module C [ICMP Address Mask Request Probe]
3524
icmp_addrmask_reply = n
3525
icmp_addrmask_reply_ttl = <60
3526
icmp_addrmask_reply_ip_id = !0
3527
3528
#Module D [ICMP Information Request Probe]
3529
icmp_info_reply = n
3530
icmp_info_reply_ttl = <60
3531
icmp_info_reply_ip_id = !0
3532
3533
#Module E [UDP -> ICMP Unreachable probe]
3534
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3535
icmp_unreach_reply = y
3536
icmp_unreach_echoed_dtsize = 8
3537
icmp_unreach_reply_ttl = <60
3538
icmp_unreach_precedence_bits = 0
3539
icmp_unreach_df_bit = 0
3540
icmp_unreach_ip_id = !0
3541
3542
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3543
icmp_unreach_echoed_udp_cksum = OK
3544
icmp_unreach_echoed_ip_cksum = OK
3545
icmp_unreach_echoed_ip_id = OK
3546
icmp_unreach_echoed_total_len = OK
3547
icmp_unreach_echoed_3bit_flags = OK
3548
3549
#Module F [TCP SYN | ACK Module]
3550
#IP header of the TCP SYN ACK
3551
tcp_syn_ack_tos = 0
3552
tcp_syn_ack_df = 0
3553
tcp_syn_ack_ip_id = !0
3554
tcp_syn_ack_ttl = <60
3555
3556
#Information from the TCP header
3557
tcp_syn_ack_ack = 1
3558
tcp_syn_ack_window_size = 5840
3559
tcp_syn_ack_options_order = "MSS"
3560
tcp_syn_ack_wscale = NONE
3561
tcp_syn_ack_tsval = NONE
3562
tcp_syn_ack_tsecr = NONE
3563
3564
#Module G [TCP RST|ACK]
3565
tcp_rst_reply = y
3566
tcp_rst_df = 0
3567
tcp_rst_ip_id_1 = !0
3568
tcp_rst_ip_id_2 = !0
3569
tcp_rst_ip_id_strategy = I
3570
tcp_rst_ttl = <60
3571
}
3572
3573
fingerprint {
3574
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.07.17"
3575
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3576
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3577
#Date: 12 February 2005
3578
#Modified: -
3579
3580
#Module A [ICMP ECHO Probe]
3581
icmp_echo_reply = y
3582
3583
3584
icmp_echo_code = 0
3585
icmp_echo_ip_id = !0
3586
icmp_echo_tos_bits = 0
3587
icmp_echo_df_bit = 0
3588
icmp_echo_reply_ttl = <60
3589
3590
#Module B [ICMP Timestamp Probe]
3591
icmp_timestamp_reply = n
3592
icmp_timestamp_reply_ttl = <60
3593
icmp_timestamp_reply_ip_id = !0
3594
3595
#Module C [ICMP Address Mask Request Probe]
3596
icmp_addrmask_reply = n
3597
icmp_addrmask_reply_ttl = <60
3598
icmp_addrmask_reply_ip_id = !0
3599
3600
#Module D [ICMP Information Request Probe]
3601
icmp_info_reply = n
3602
icmp_info_reply_ttl = <60
3603
icmp_info_reply_ip_id = !0
3604
3605
#Module E [UDP -> ICMP Unreachable probe]
3606
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3607
icmp_unreach_reply = y
3608
icmp_unreach_echoed_dtsize = 8
3609
icmp_unreach_reply_ttl = <60
3610
icmp_unreach_precedence_bits = 0
3611
icmp_unreach_df_bit = 0
3612
icmp_unreach_ip_id = !0
3613
3614
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3615
icmp_unreach_echoed_udp_cksum = OK
3616
icmp_unreach_echoed_ip_cksum = OK
3617
icmp_unreach_echoed_ip_id = OK
3618
icmp_unreach_echoed_total_len = OK
3619
icmp_unreach_echoed_3bit_flags = OK
3620
3621
#Module F [TCP SYN | ACK Module]
3622
#IP header of the TCP SYN ACK
3623
tcp_syn_ack_tos = 0
3624
tcp_syn_ack_df = 0
3625
tcp_syn_ack_ip_id = !0
3626
tcp_syn_ack_ttl = <60
3627
3628
#Information from the TCP header
3629
tcp_syn_ack_ack = 1
3630
tcp_syn_ack_window_size = 5840
3631
tcp_syn_ack_options_order = "MSS"
3632
tcp_syn_ack_wscale = NONE
3633
tcp_syn_ack_tsval = NONE
3634
tcp_syn_ack_tsecr = NONE
3635
3636
#Module G [TCP RST|ACK]
3637
tcp_rst_reply = y
3638
tcp_rst_df = 0
3639
tcp_rst_ip_id_1 = !0
3640
tcp_rst_ip_id_2 = !0
3641
tcp_rst_ip_id_strategy = I
3642
tcp_rst_ttl = <60
3643
}
3644
3645
fingerprint {
3646
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.07.20"
3647
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3648
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3649
#Date: 04 July 2003
3650
#Modified: 04 July 2003
3651
3652
#Module A [ICMP ECHO Probe]
3653
icmp_echo_reply = y
3654
3655
3656
icmp_echo_code = 0
3657
icmp_echo_ip_id = !0
3658
icmp_echo_tos_bits = 0
3659
icmp_echo_df_bit = 0
3660
icmp_echo_reply_ttl = <60
3661
3662
#Module B [ICMP Timestamp Probe]
3663
icmp_timestamp_reply = n
3664
icmp_timestamp_reply_ttl = <60
3665
icmp_timestamp_reply_ip_id = !0
3666
3667
#Module C [ICMP Address Mask Request Probe]
3668
icmp_addrmask_reply = n
3669
icmp_addrmask_reply_ttl = <60
3670
icmp_addrmask_reply_ip_id = !0
3671
3672
#Module D [ICMP Information Request Probe]
3673
icmp_info_reply = n
3674
icmp_info_reply_ttl = <60
3675
icmp_info_reply_ip_id = !0
3676
3677
#Module E [UDP -> ICMP Unreachable probe]
3678
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3679
icmp_unreach_reply = y
3680
icmp_unreach_echoed_dtsize = 8
3681
icmp_unreach_reply_ttl = <60
3682
icmp_unreach_precedence_bits = 0
3683
icmp_unreach_df_bit = 0
3684
icmp_unreach_ip_id = !0
3685
3686
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3687
icmp_unreach_echoed_udp_cksum = OK
3688
icmp_unreach_echoed_ip_cksum = OK
3689
icmp_unreach_echoed_ip_id = OK
3690
icmp_unreach_echoed_total_len = OK
3691
icmp_unreach_echoed_3bit_flags = OK
3692
3693
#Module F [TCP SYN | ACK Module]
3694
#IP header of the TCP SYN ACK
3695
tcp_syn_ack_tos = 0
3696
tcp_syn_ack_df = 0
3697
tcp_syn_ack_ip_id = !0
3698
tcp_syn_ack_ttl = <60
3699
3700
#Information from the TCP header
3701
tcp_syn_ack_ack = 1
3702
tcp_syn_ack_window_size = 5840
3703
tcp_syn_ack_options_order = "MSS"
3704
tcp_syn_ack_wscale = NONE
3705
tcp_syn_ack_tsval = NONE
3706
tcp_syn_ack_tsecr = NONE
3707
3708
#Module G [TCP RST|ACK]
3709
tcp_rst_reply = y
3710
tcp_rst_df = 0
3711
tcp_rst_ip_id_1 = !0
3712
tcp_rst_ip_id_2 = !0
3713
tcp_rst_ip_id_strategy = I
3714
tcp_rst_ttl = <60
3715
}
3716
3717
fingerprint {
3718
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.08.04"
3719
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3720
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3721
#Date: 12 February 2005
3722
#Modified: -
3723
3724
#Module A [ICMP ECHO Probe]
3725
icmp_echo_reply = y
3726
3727
3728
icmp_echo_code = 0
3729
icmp_echo_ip_id = !0
3730
icmp_echo_tos_bits = 0
3731
icmp_echo_df_bit = 0
3732
icmp_echo_reply_ttl = <60
3733
3734
#Module B [ICMP Timestamp Probe]
3735
icmp_timestamp_reply = n
3736
icmp_timestamp_reply_ttl = <60
3737
icmp_timestamp_reply_ip_id = !0
3738
3739
#Module C [ICMP Address Mask Request Probe]
3740
icmp_addrmask_reply = n
3741
icmp_addrmask_reply_ttl = <60
3742
icmp_addrmask_reply_ip_id = !0
3743
3744
#Module D [ICMP Information Request Probe]
3745
icmp_info_reply = n
3746
icmp_info_reply_ttl = <60
3747
icmp_info_reply_ip_id = !0
3748
3749
#Module E [UDP -> ICMP Unreachable probe]
3750
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3751
icmp_unreach_reply = y
3752
icmp_unreach_echoed_dtsize = 8
3753
icmp_unreach_reply_ttl = <60
3754
icmp_unreach_precedence_bits = 0
3755
icmp_unreach_df_bit = 0
3756
icmp_unreach_ip_id = !0
3757
3758
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3759
icmp_unreach_echoed_udp_cksum = OK
3760
icmp_unreach_echoed_ip_cksum = OK
3761
icmp_unreach_echoed_ip_id = OK
3762
icmp_unreach_echoed_total_len = OK
3763
icmp_unreach_echoed_3bit_flags = OK
3764
3765
#Module F [TCP SYN | ACK Module]
3766
#IP header of the TCP SYN ACK
3767
tcp_syn_ack_tos = 0
3768
tcp_syn_ack_df = 0
3769
tcp_syn_ack_ip_id = !0
3770
tcp_syn_ack_ttl = <60
3771
3772
#Information from the TCP header
3773
tcp_syn_ack_ack = 1
3774
tcp_syn_ack_window_size = 5840
3775
tcp_syn_ack_options_order = "MSS"
3776
tcp_syn_ack_wscale = NONE
3777
tcp_syn_ack_tsval = NONE
3778
tcp_syn_ack_tsecr = NONE
3779
3780
#Module G [TCP RST|ACK]
3781
tcp_rst_reply = y
3782
tcp_rst_df = 0
3783
tcp_rst_ip_id_1 = !0
3784
tcp_rst_ip_id_2 = !0
3785
tcp_rst_ip_id_strategy = I
3786
tcp_rst_ttl = <60
3787
}
3788
3789
fingerprint {
3790
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.07.20"
3791
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3792
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3793
#Date: 04 July 2003
3794
#Modified: 04 July 2003
3795
3796
#Module A [ICMP ECHO Probe]
3797
icmp_echo_reply = y
3798
3799
3800
icmp_echo_code = 0
3801
icmp_echo_ip_id = !0
3802
icmp_echo_tos_bits = 0
3803
icmp_echo_df_bit = 0
3804
icmp_echo_reply_ttl = <60
3805
3806
#Module B [ICMP Timestamp Probe]
3807
icmp_timestamp_reply = n
3808
icmp_timestamp_reply_ttl = <60
3809
icmp_timestamp_reply_ip_id = !0
3810
3811
#Module C [ICMP Address Mask Request Probe]
3812
icmp_addrmask_reply = n
3813
icmp_addrmask_reply_ttl = <60
3814
icmp_addrmask_reply_ip_id = !0
3815
3816
#Module D [ICMP Information Request Probe]
3817
icmp_info_reply = n
3818
icmp_info_reply_ttl = <60
3819
icmp_info_reply_ip_id = !0
3820
3821
#Module E [UDP -> ICMP Unreachable probe]
3822
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3823
icmp_unreach_reply = y
3824
icmp_unreach_echoed_dtsize = 8
3825
icmp_unreach_reply_ttl = <60
3826
icmp_unreach_precedence_bits = 0
3827
icmp_unreach_df_bit = 0
3828
icmp_unreach_ip_id = !0
3829
3830
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3831
icmp_unreach_echoed_udp_cksum = OK
3832
icmp_unreach_echoed_ip_cksum = OK
3833
icmp_unreach_echoed_ip_id = OK
3834
icmp_unreach_echoed_total_len = OK
3835
icmp_unreach_echoed_3bit_flags = OK
3836
3837
#Module F [TCP SYN | ACK Module]
3838
#IP header of the TCP SYN ACK
3839
tcp_syn_ack_tos = 0
3840
tcp_syn_ack_df = 0
3841
tcp_syn_ack_ip_id = !0
3842
tcp_syn_ack_ttl = <60
3843
3844
#Information from the TCP header
3845
tcp_syn_ack_ack = 1
3846
tcp_syn_ack_window_size = 5840
3847
tcp_syn_ack_options_order = "MSS"
3848
tcp_syn_ack_wscale = NONE
3849
tcp_syn_ack_tsval = NONE
3850
tcp_syn_ack_tsecr = NONE
3851
3852
#Module G [TCP RST|ACK]
3853
tcp_rst_reply = y
3854
tcp_rst_df = 0
3855
tcp_rst_ip_id_1 = !0
3856
tcp_rst_ip_id_2 = !0
3857
tcp_rst_ip_id_strategy = I
3858
tcp_rst_ttl = <60
3859
}
3860
3861
fingerprint {
3862
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.08.03"
3863
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3864
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3865
#Date: 04 July 2003
3866
#Modified: 04 July 2003
3867
3868
#Module A [ICMP ECHO Probe]
3869
icmp_echo_reply = y
3870
3871
3872
icmp_echo_code = 0
3873
icmp_echo_ip_id = !0
3874
icmp_echo_tos_bits = 0
3875
icmp_echo_df_bit = 0
3876
icmp_echo_reply_ttl = <60
3877
3878
#Module B [ICMP Timestamp Probe]
3879
icmp_timestamp_reply = n
3880
icmp_timestamp_reply_ttl = <60
3881
icmp_timestamp_reply_ip_id = !0
3882
3883
#Module C [ICMP Address Mask Request Probe]
3884
icmp_addrmask_reply = n
3885
icmp_addrmask_reply_ttl = <60
3886
icmp_addrmask_reply_ip_id = !0
3887
3888
#Module D [ICMP Information Request Probe]
3889
icmp_info_reply = n
3890
icmp_info_reply_ttl = <60
3891
icmp_info_reply_ip_id = !0
3892
3893
#Module E [UDP -> ICMP Unreachable probe]
3894
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3895
icmp_unreach_reply = y
3896
icmp_unreach_echoed_dtsize = 8
3897
icmp_unreach_reply_ttl = <60
3898
icmp_unreach_precedence_bits = 0
3899
icmp_unreach_df_bit = 0
3900
icmp_unreach_ip_id = !0
3901
3902
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3903
icmp_unreach_echoed_udp_cksum = OK
3904
icmp_unreach_echoed_ip_cksum = OK
3905
icmp_unreach_echoed_ip_id = OK
3906
icmp_unreach_echoed_total_len = OK
3907
icmp_unreach_echoed_3bit_flags = OK
3908
3909
#Module F [TCP SYN | ACK Module]
3910
#IP header of the TCP SYN ACK
3911
tcp_syn_ack_tos = 0
3912
tcp_syn_ack_df = 0
3913
tcp_syn_ack_ip_id = !0
3914
tcp_syn_ack_ttl = <60
3915
3916
#Information from the TCP header
3917
tcp_syn_ack_ack = 1
3918
tcp_syn_ack_window_size = 5840
3919
tcp_syn_ack_options_order = "MSS"
3920
tcp_syn_ack_wscale = NONE
3921
tcp_syn_ack_tsval = NONE
3922
tcp_syn_ack_tsecr = NONE
3923
3924
#Module G [TCP RST|ACK]
3925
tcp_rst_reply = y
3926
tcp_rst_df = 0
3927
tcp_rst_ip_id_1 = !0
3928
tcp_rst_ip_id_2 = !0
3929
tcp_rst_ip_id_strategy = I
3930
tcp_rst_ttl = <60
3931
}
3932
3933
fingerprint {
3934
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.08.04"
3935
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
3936
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
3937
#Date: 12 February 2005
3938
#Modified: -
3939
3940
#Module A [ICMP ECHO Probe]
3941
icmp_echo_reply = y
3942
3943
3944
icmp_echo_code = 0
3945
icmp_echo_ip_id = !0
3946
icmp_echo_tos_bits = 0
3947
icmp_echo_df_bit = 0
3948
icmp_echo_reply_ttl = <60
3949
3950
#Module B [ICMP Timestamp Probe]
3951
icmp_timestamp_reply = n
3952
icmp_timestamp_reply_ttl = <60
3953
icmp_timestamp_reply_ip_id = !0
3954
3955
#Module C [ICMP Address Mask Request Probe]
3956
icmp_addrmask_reply = n
3957
icmp_addrmask_reply_ttl = <60
3958
icmp_addrmask_reply_ip_id = !0
3959
3960
#Module D [ICMP Information Request Probe]
3961
icmp_info_reply = n
3962
icmp_info_reply_ttl = <60
3963
icmp_info_reply_ip_id = !0
3964
3965
#Module E [UDP -> ICMP Unreachable probe]
3966
#IP_Header_of_the_UDP_Port_Unreachable_error_message
3967
icmp_unreach_reply = y
3968
icmp_unreach_echoed_dtsize = 8
3969
icmp_unreach_reply_ttl = <60
3970
icmp_unreach_precedence_bits = 0
3971
icmp_unreach_df_bit = 0
3972
icmp_unreach_ip_id = !0
3973
3974
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
3975
icmp_unreach_echoed_udp_cksum = OK
3976
icmp_unreach_echoed_ip_cksum = OK
3977
icmp_unreach_echoed_ip_id = OK
3978
icmp_unreach_echoed_total_len = OK
3979
icmp_unreach_echoed_3bit_flags = OK
3980
3981
#Module F [TCP SYN | ACK Module]
3982
#IP header of the TCP SYN ACK
3983
tcp_syn_ack_tos = 0
3984
tcp_syn_ack_df = 0
3985
tcp_syn_ack_ip_id = !0
3986
tcp_syn_ack_ttl = <60
3987
3988
#Information from the TCP header
3989
tcp_syn_ack_ack = 1
3990
tcp_syn_ack_window_size = 5840
3991
tcp_syn_ack_options_order = "MSS"
3992
tcp_syn_ack_wscale = NONE
3993
tcp_syn_ack_tsval = NONE
3994
tcp_syn_ack_tsecr = NONE
3995
3996
#Module G [TCP RST|ACK]
3997
tcp_rst_reply = y
3998
tcp_rst_df = 0
3999
tcp_rst_ip_id_1 = !0
4000
tcp_rst_ip_id_2 = !0
4001
tcp_rst_ip_id_strategy = I
4002
tcp_rst_ttl = <60
4003
}
4004
4005
fingerprint {
4006
OS_ID = "HP JetDirect ROM G.08.08 EEPROM G.08.04"
4007
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4008
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
4009
#Date: 04 July 2003
4010
#Modified: 04 July 2003
4011
4012
#Module A [ICMP ECHO Probe]
4013
icmp_echo_reply = y
4014
4015
4016
icmp_echo_code = 0
4017
icmp_echo_ip_id = !0
4018
icmp_echo_tos_bits = 0
4019
icmp_echo_df_bit = 0
4020
icmp_echo_reply_ttl = <60
4021
4022
#Module B [ICMP Timestamp Probe]
4023
icmp_timestamp_reply = n
4024
icmp_timestamp_reply_ttl = <60
4025
icmp_timestamp_reply_ip_id = !0
4026
4027
#Module C [ICMP Address Mask Request Probe]
4028
icmp_addrmask_reply = n
4029
icmp_addrmask_reply_ttl = <60
4030
icmp_addrmask_reply_ip_id = !0
4031
4032
#Module D [ICMP Information Request Probe]
4033
icmp_info_reply = n
4034
icmp_info_reply_ttl = <60
4035
icmp_info_reply_ip_id = !0
4036
4037
#Module E [UDP -> ICMP Unreachable probe]
4038
#IP_Header_of_the_UDP_Port_Unreachable_error_message
4039
icmp_unreach_reply = y
4040
icmp_unreach_echoed_dtsize = 8
4041
icmp_unreach_reply_ttl = <60
4042
icmp_unreach_precedence_bits = 0
4043
icmp_unreach_df_bit = 0
4044
icmp_unreach_ip_id = !0
4045
4046
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
4047
icmp_unreach_echoed_udp_cksum = OK
4048
icmp_unreach_echoed_ip_cksum = OK
4049
icmp_unreach_echoed_ip_id = OK
4050
icmp_unreach_echoed_total_len = OK
4051
icmp_unreach_echoed_3bit_flags = OK
4052
4053
#Module F [TCP SYN | ACK Module]
4054
#IP header of the TCP SYN ACK
4055
tcp_syn_ack_tos = 0
4056
tcp_syn_ack_df = 0
4057
tcp_syn_ack_ip_id = !0
4058
tcp_syn_ack_ttl = <60
4059
4060
#Information from the TCP header
4061
tcp_syn_ack_ack = 1
4062
tcp_syn_ack_window_size = 5840
4063
tcp_syn_ack_options_order = "MSS"
4064
tcp_syn_ack_wscale = NONE
4065
tcp_syn_ack_tsval = NONE
4066
tcp_syn_ack_tsecr = NONE
4067
4068
#Module G [TCP RST|ACK]
4069
tcp_rst_reply = y
4070
tcp_rst_df = 0
4071
tcp_rst_ip_id_1 = !0
4072
tcp_rst_ip_id_2 = !0
4073
tcp_rst_ip_id_strategy = I
4074
tcp_rst_ttl = <60
4075
}
4076
4077
fingerprint {
4078
OS_ID = "HP JetDirect ROM G.08.21 EEPROM G.08.21"
4079
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4080
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
4081
#Date: 04 July 2003
4082
#Modified: 04 July 2003
4083
4084
#Module A [ICMP ECHO Probe]
4085
icmp_echo_reply = y
4086
4087
4088
icmp_echo_code = 0
4089
icmp_echo_ip_id = !0
4090
icmp_echo_tos_bits = 0
4091
icmp_echo_df_bit = 0
4092
icmp_echo_reply_ttl = <60
4093
4094
#Module B [ICMP Timestamp Probe]
4095
icmp_timestamp_reply = n
4096
icmp_timestamp_reply_ttl = <60
4097
icmp_timestamp_reply_ip_id = !0
4098
4099
#Module C [ICMP Address Mask Request Probe]
4100
icmp_addrmask_reply = n
4101
icmp_addrmask_reply_ttl = <60
4102
icmp_addrmask_reply_ip_id = !0
4103
4104
#Module D [ICMP Information Request Probe]
4105
icmp_info_reply = n
4106
icmp_info_reply_ttl = <60
4107
icmp_info_reply_ip_id = !0
4108
4109
#Module E [UDP -> ICMP Unreachable probe]
4110
#IP_Header_of_the_UDP_Port_Unreachable_error_message
4111
icmp_unreach_reply = y
4112
icmp_unreach_echoed_dtsize = 8
4113
icmp_unreach_reply_ttl = <60
4114
icmp_unreach_precedence_bits = 0
4115
icmp_unreach_df_bit = 0
4116
icmp_unreach_ip_id = !0
4117
4118
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
4119
icmp_unreach_echoed_udp_cksum = OK
4120
icmp_unreach_echoed_ip_cksum = OK
4121
icmp_unreach_echoed_ip_id = OK
4122
icmp_unreach_echoed_total_len = OK
4123
icmp_unreach_echoed_3bit_flags = OK
4124
4125
#Module F [TCP SYN | ACK Module]
4126
#IP header of the TCP SYN ACK
4127
tcp_syn_ack_tos = 0
4128
tcp_syn_ack_df = 0
4129
tcp_syn_ack_ip_id = !0
4130
tcp_syn_ack_ttl = <60
4131
4132
#Information from the TCP header
4133
tcp_syn_ack_ack = 1
4134
tcp_syn_ack_window_size = 5840
4135
tcp_syn_ack_options_order = "MSS"
4136
tcp_syn_ack_wscale = NONE
4137
tcp_syn_ack_tsval = NONE
4138
tcp_syn_ack_tsecr = NONE
4139
4140
#Module G [TCP RST|ACK]
4141
tcp_rst_reply = y
4142
tcp_rst_df = 0
4143
tcp_rst_ip_id_1 = !0
4144
tcp_rst_ip_id_2 = !0
4145
tcp_rst_ip_id_strategy = I
4146
tcp_rst_ttl = <60
4147
}
4148
4149
fingerprint {
4150
OS_ID = "HP JetDirect ROM H.07.15 EEPROM H.08.20"
4151
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4152
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
4153
#Date: 04 July 2003
4154
#Modified: 04 July 2003
4155
4156
#Module A [ICMP ECHO Probe]
4157
icmp_echo_reply = y
4158
4159
4160
icmp_echo_code = 0
4161
icmp_echo_ip_id = !0
4162
icmp_echo_tos_bits = 0
4163
icmp_echo_df_bit = 0
4164
icmp_echo_reply_ttl = <60
4165
4166
#Module B [ICMP Timestamp Probe]
4167
icmp_timestamp_reply = n
4168
icmp_timestamp_reply_ttl = <60
4169
icmp_timestamp_reply_ip_id = !0
4170
4171
#Module C [ICMP Address Mask Request Probe]
4172
icmp_addrmask_reply = n
4173
icmp_addrmask_reply_ttl = <60
4174
icmp_addrmask_reply_ip_id = !0
4175
4176
#Module D [ICMP Information Request Probe]
4177
icmp_info_reply = n
4178
icmp_info_reply_ttl = <60
4179
icmp_info_reply_ip_id = !0
4180
4181
#Module E [UDP -> ICMP Unreachable probe]
4182
#IP_Header_of_the_UDP_Port_Unreachable_error_message
4183
icmp_unreach_reply = y
4184
icmp_unreach_echoed_dtsize = 8
4185
icmp_unreach_reply_ttl = <60
4186
icmp_unreach_precedence_bits = 0
4187
icmp_unreach_df_bit = 0
4188
icmp_unreach_ip_id = !0
4189
4190
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
4191
icmp_unreach_echoed_udp_cksum = OK
4192
icmp_unreach_echoed_ip_cksum = OK
4193
icmp_unreach_echoed_ip_id = OK
4194
icmp_unreach_echoed_total_len = OK
4195
icmp_unreach_echoed_3bit_flags = OK
4196
4197
#Module F [TCP SYN | ACK Module]
4198
#IP header of the TCP SYN ACK
4199
tcp_syn_ack_tos = 0
4200
tcp_syn_ack_df = 0
4201
tcp_syn_ack_ip_id = !0
4202
tcp_syn_ack_ttl = <60
4203
4204
#Information from the TCP header
4205
tcp_syn_ack_ack = 1
4206
tcp_syn_ack_window_size = 5840
4207
tcp_syn_ack_options_order = "MSS"
4208
tcp_syn_ack_wscale = NONE
4209
tcp_syn_ack_tsval = NONE
4210
tcp_syn_ack_tsecr = NONE
4211
4212
#Module G [TCP RST|ACK]
4213
tcp_rst_reply = y
4214
tcp_rst_df = 0
4215
tcp_rst_ip_id_1 = !0
4216
tcp_rst_ip_id_2 = !0
4217
tcp_rst_ip_id_strategy = I
4218
tcp_rst_ttl = <60
4219
}
4220
4221
fingerprint {
4222
OS_ID = "HP JetDirect ROM L.20.07 EEPROM L.20.24"
4223
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4224
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
4225
#Date: 04 July 2003
4226
#Modified: 04 July 2003
4227
4228
#Module A [ICMP ECHO Probe]
4229
icmp_echo_reply = y
4230
4231
4232
icmp_echo_code = !0
4233
icmp_echo_ip_id = !0
4234
icmp_echo_tos_bits = !0
4235
icmp_echo_df_bit = 1
4236
icmp_echo_reply_ttl = <64
4237
4238
#Module B [ICMP Timestamp Probe]
4239
icmp_timestamp_reply = y
4240
icmp_timestamp_reply_ttl = <64
4241
icmp_timestamp_reply_ip_id = !0
4242
4243
#Module C [ICMP Address Mask Request Probe]
4244
icmp_addrmask_reply = n
4245
icmp_addrmask_reply_ttl = <64
4246
icmp_addrmask_reply_ip_id = !0
4247
4248
#Module D [ICMP Information Request Probe]
4249
icmp_info_reply = n
4250
icmp_info_reply_ttl = <64
4251
icmp_info_reply_ip_id = !0
4252
4253
#Module E [UDP -> ICMP Unreachable probe]
4254
#IP_Header_of_the_UDP_Port_Unreachable_error_message
4255
icmp_unreach_reply = y
4256
icmp_unreach_echoed_dtsize = 8
4257
icmp_unreach_reply_ttl = <64
4258
icmp_unreach_precedence_bits = 0
4259
icmp_unreach_df_bit = 1
4260
icmp_unreach_ip_id = !0
4261
4262
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
4263
icmp_unreach_echoed_udp_cksum = 0
4264
icmp_unreach_echoed_ip_cksum = 0
4265
icmp_unreach_echoed_ip_id = FLIPPED
4266
icmp_unreach_echoed_total_len = OK
4267
icmp_unreach_echoed_3bit_flags = FLIPPED
4268
4269
#Module F [TCP SYN | ACK Module]
4270
#IP header of the TCP SYN ACK
4271
tcp_syn_ack_tos = 0
4272
tcp_syn_ack_df = 0
4273
tcp_syn_ack_ip_id = !0
4274
tcp_syn_ack_ttl = <64
4275
4276
#Information from the TCP header
4277
tcp_syn_ack_ack = 1
4278
tcp_syn_ack_window_size = 11680
4279
tcp_syn_ack_options_order = "MSS NOP WSCALE"
4280
tcp_syn_ack_wscale = 0
4281
tcp_syn_ack_tsval = NONE
4282
tcp_syn_ack_tsecr = NONE
4283
4284
#Module G [TCP RST|ACK]
4285
tcp_rst_reply = y
4286
tcp_rst_df = 0
4287
tcp_rst_ip_id_1 = !0
4288
tcp_rst_ip_id_2 = !0
4289
tcp_rst_ip_id_strategy = I
4290
tcp_rst_ttl = <64
4291
}
4292
4293
fingerprint {
4294
OS_ID = "HP JetDirect ROM R.22.01 EEPROM L.24.08"
4295
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4296
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
4297
#Date: 12 February 2005
4298
#Modified: -
4299
4300
#Module A [ICMP ECHO Probe]
4301
icmp_echo_reply = y
4302
4303
4304
icmp_echo_code = !0
4305
icmp_echo_ip_id = !0
4306
icmp_echo_tos_bits = !0
4307
icmp_echo_df_bit = 1
4308
icmp_echo_reply_ttl = <64
4309
4310
#Module B [ICMP Timestamp Probe]
4311
icmp_timestamp_reply = y
4312
icmp_timestamp_reply_ttl = <64
4313
icmp_timestamp_reply_ip_id = !0
4314
4315
#Module C [ICMP Address Mask Request Probe]
4316
icmp_addrmask_reply = n
4317
icmp_addrmask_reply_ttl = <64
4318
icmp_addrmask_reply_ip_id = !0
4319
4320
#Module D [ICMP Information Request Probe]
4321
icmp_info_reply = n
4322
icmp_info_reply_ttl = <64
4323
icmp_info_reply_ip_id = !0
4324
4325
#Module E [UDP -> ICMP Unreachable probe]
4326
#IP_Header_of_the_UDP_Port_Unreachable_error_message
4327
icmp_unreach_reply = y
4328
icmp_unreach_echoed_dtsize = 8
4329
icmp_unreach_reply_ttl = <64
4330
icmp_unreach_precedence_bits = 0
4331
icmp_unreach_df_bit = 1
4332
icmp_unreach_ip_id = !0
4333
4334
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
4335
icmp_unreach_echoed_udp_cksum = 0
4336
icmp_unreach_echoed_ip_cksum = 0
4337
icmp_unreach_echoed_ip_id = FLIPPED
4338
icmp_unreach_echoed_total_len = OK
4339
icmp_unreach_echoed_3bit_flags = FLIPPED
4340
4341
#Module F [TCP SYN | ACK Module]
4342
#IP header of the TCP SYN ACK
4343
tcp_syn_ack_tos = 0
4344
tcp_syn_ack_df = 0
4345
tcp_syn_ack_ip_id = !0
4346
tcp_syn_ack_ttl = <64
4347
4348
#Information from the TCP header
4349
tcp_syn_ack_ack = 1
4350
tcp_syn_ack_window_size = 5840
4351
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
4352
tcp_syn_ack_wscale = 0
4353
tcp_syn_ack_tsval = !0
4354
tcp_syn_ack_tsecr = !0
4355
4356
#Module G [TCP RST|ACK]
4357
tcp_rst_reply = y
4358
tcp_rst_df = 0
4359
tcp_rst_ip_id_1 = !0
4360
tcp_rst_ip_id_2 = !0
4361
tcp_rst_ip_id_strategy = I
4362
tcp_rst_ttl = <64
4363
}
4364
4365
4366
#Linux
4367
4368
fingerprint {
4369
OS_ID = "Linux Kernel 2.6.10"
4370
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4371
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4372
#Date: 4 January 2005
4373
#Modified: -
4374
4375
#Module A
4376
icmp_echo_reply = y
4377
4378
4379
icmp_echo_code = !0
4380
icmp_echo_ip_id = !0
4381
icmp_echo_tos_bits = !0
4382
icmp_echo_df_bit = 0
4383
icmp_echo_reply_ttl = <64
4384
4385
#Module B
4386
icmp_timestamp_reply = y
4387
icmp_timestamp_reply_ttl = <64
4388
icmp_timestamp_reply_ip_id = !0
4389
4390
#Module C
4391
icmp_addrmask_reply = n
4392
icmp_addrmask_reply_ttl = <64
4393
icmp_addrmask_reply_ip_id = !0
4394
4395
#Module D
4396
icmp_info_reply = n
4397
icmp_info_reply_ttl = <64
4398
icmp_info_reply_ip_id = !0
4399
4400
#Module E
4401
icmp_unreach_reply = y
4402
icmp_unreach_echoed_dtsize = >64
4403
icmp_unreach_reply_ttl = <64
4404
icmp_unreach_precedence_bits = 0xc0
4405
icmp_unreach_df_bit = 0
4406
icmp_unreach_ip_id = !0
4407
4408
icmp_unreach_echoed_udp_cksum = OK
4409
icmp_unreach_echoed_ip_cksum = OK
4410
icmp_unreach_echoed_ip_id = OK
4411
icmp_unreach_echoed_total_len = OK
4412
icmp_unreach_echoed_3bit_flags = OK
4413
4414
#Module F [TCP SYN | ACK Module]
4415
#IP header of the TCP SYN ACK
4416
tcp_syn_ack_tos = 0
4417
tcp_syn_ack_df = 1
4418
tcp_syn_ack_ip_id = 0
4419
tcp_syn_ack_ttl = <64
4420
4421
#Information from the TCP header
4422
tcp_syn_ack_ack = 1
4423
tcp_syn_ack_window_size = 5792
4424
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4425
tcp_syn_ack_wscale = 2
4426
tcp_syn_ack_tsval = !0
4427
tcp_syn_ack_tsecr = !0
4428
4429
#Module G [TCP RST|ACK]
4430
tcp_rst_reply = y
4431
tcp_rst_df = 1
4432
tcp_rst_ip_id_1 = !0
4433
tcp_rst_ip_id_2 = !0
4434
tcp_rst_ip_id_strategy = I
4435
tcp_rst_ttl = <64
4436
}
4437
4438
fingerprint {
4439
OS_ID = "Linux Kernel 2.6.9"
4440
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4441
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4442
#Date: 14 December 2004
4443
#Modified: -
4444
4445
#Module A
4446
icmp_echo_reply = y
4447
4448
4449
icmp_echo_code = !0
4450
icmp_echo_ip_id = !0
4451
icmp_echo_tos_bits = !0
4452
icmp_echo_df_bit = 0
4453
icmp_echo_reply_ttl = <64
4454
4455
#Module B
4456
icmp_timestamp_reply = y
4457
icmp_timestamp_reply_ttl = <64
4458
icmp_timestamp_reply_ip_id = !0
4459
4460
#Module C
4461
icmp_addrmask_reply = n
4462
icmp_addrmask_reply_ttl = <64
4463
icmp_addrmask_reply_ip_id = !0
4464
4465
#Module D
4466
icmp_info_reply = n
4467
icmp_info_reply_ttl = <64
4468
icmp_info_reply_ip_id = !0
4469
4470
#Module E
4471
icmp_unreach_reply = y
4472
icmp_unreach_echoed_dtsize = >64
4473
icmp_unreach_reply_ttl = <64
4474
icmp_unreach_precedence_bits = 0xc0
4475
icmp_unreach_df_bit = 0
4476
icmp_unreach_ip_id = !0
4477
4478
icmp_unreach_echoed_udp_cksum = OK
4479
icmp_unreach_echoed_ip_cksum = OK
4480
icmp_unreach_echoed_ip_id = OK
4481
icmp_unreach_echoed_total_len = OK
4482
icmp_unreach_echoed_3bit_flags = OK
4483
4484
#Module F [TCP SYN | ACK Module]
4485
#IP header of the TCP SYN ACK
4486
tcp_syn_ack_tos = 0
4487
tcp_syn_ack_df = 1
4488
tcp_syn_ack_ip_id = 0
4489
tcp_syn_ack_ttl = <64
4490
4491
#Information from the TCP header
4492
tcp_syn_ack_ack = 1
4493
tcp_syn_ack_window_size = 5792
4494
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4495
tcp_syn_ack_wscale = 2
4496
tcp_syn_ack_tsval = !0
4497
tcp_syn_ack_tsecr = !0
4498
4499
#Module G [TCP RST|ACK]
4500
tcp_rst_reply = y
4501
tcp_rst_df = 1
4502
tcp_rst_ip_id_1 = !0
4503
tcp_rst_ip_id_2 = !0
4504
tcp_rst_ip_id_strategy = I
4505
tcp_rst_ttl = <64
4506
}
4507
4508
fingerprint {
4509
OS_ID = "Linux Kernel 2.6.8"
4510
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4511
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4512
#Date: 14 December 2004
4513
#Modified: -
4514
4515
#Module A
4516
icmp_echo_reply = y
4517
4518
4519
icmp_echo_code = !0
4520
icmp_echo_ip_id = !0
4521
icmp_echo_tos_bits = !0
4522
icmp_echo_df_bit = 0
4523
icmp_echo_reply_ttl = <64
4524
4525
#Module B
4526
icmp_timestamp_reply = y
4527
icmp_timestamp_reply_ttl = <64
4528
icmp_timestamp_reply_ip_id = !0
4529
4530
#Module C
4531
icmp_addrmask_reply = n
4532
icmp_addrmask_reply_ttl = <64
4533
icmp_addrmask_reply_ip_id = !0
4534
4535
#Module D
4536
icmp_info_reply = n
4537
icmp_info_reply_ttl = <64
4538
icmp_info_reply_ip_id = !0
4539
4540
#Module E
4541
icmp_unreach_reply = y
4542
icmp_unreach_echoed_dtsize = >64
4543
icmp_unreach_reply_ttl = <64
4544
icmp_unreach_precedence_bits = 0xc0
4545
icmp_unreach_df_bit = 0
4546
icmp_unreach_ip_id = !0
4547
4548
icmp_unreach_echoed_udp_cksum = OK
4549
icmp_unreach_echoed_ip_cksum = OK
4550
icmp_unreach_echoed_ip_id = OK
4551
icmp_unreach_echoed_total_len = OK
4552
icmp_unreach_echoed_3bit_flags = OK
4553
4554
#Module F [TCP SYN | ACK Module]
4555
#IP header of the TCP SYN ACK
4556
tcp_syn_ack_tos = 0
4557
tcp_syn_ack_df = 1
4558
tcp_syn_ack_ip_id = 0
4559
tcp_syn_ack_ttl = <64
4560
4561
#Information from the TCP header
4562
tcp_syn_ack_ack = 1
4563
tcp_syn_ack_window_size = 5792
4564
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4565
tcp_syn_ack_wscale = 7
4566
tcp_syn_ack_tsval = !0
4567
tcp_syn_ack_tsecr = !0
4568
4569
#Module G [TCP RST|ACK]
4570
tcp_rst_reply = y
4571
tcp_rst_df = 1
4572
tcp_rst_ip_id_1 = !0
4573
tcp_rst_ip_id_2 = !0
4574
tcp_rst_ip_id_strategy = I
4575
tcp_rst_ttl = <64
4576
}
4577
4578
fingerprint {
4579
OS_ID = "Linux Kernel 2.6.7"
4580
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4581
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4582
#Date: 14 December 2004
4583
#Modified: -
4584
4585
#Module A
4586
icmp_echo_reply = y
4587
4588
4589
icmp_echo_code = !0
4590
icmp_echo_ip_id = !0
4591
icmp_echo_tos_bits = !0
4592
icmp_echo_df_bit = 0
4593
icmp_echo_reply_ttl = <64
4594
4595
#Module B
4596
icmp_timestamp_reply = y
4597
icmp_timestamp_reply_ttl = <64
4598
icmp_timestamp_reply_ip_id = !0
4599
4600
#Module C
4601
icmp_addrmask_reply = n
4602
icmp_addrmask_reply_ttl = <64
4603
icmp_addrmask_reply_ip_id = !0
4604
4605
#Module D
4606
icmp_info_reply = n
4607
icmp_info_reply_ttl = <64
4608
icmp_info_reply_ip_id = !0
4609
4610
#Module E
4611
icmp_unreach_reply = y
4612
icmp_unreach_echoed_dtsize = >64
4613
icmp_unreach_reply_ttl = <64
4614
icmp_unreach_precedence_bits = 0xc0
4615
icmp_unreach_df_bit = 0
4616
icmp_unreach_ip_id = !0
4617
4618
icmp_unreach_echoed_udp_cksum = OK
4619
icmp_unreach_echoed_ip_cksum = OK
4620
icmp_unreach_echoed_ip_id = OK
4621
icmp_unreach_echoed_total_len = OK
4622
icmp_unreach_echoed_3bit_flags = OK
4623
4624
#Module F [TCP SYN | ACK Module]
4625
#IP header of the TCP SYN ACK
4626
tcp_syn_ack_tos = 0
4627
tcp_syn_ack_df = 1
4628
tcp_syn_ack_ip_id = 0
4629
tcp_syn_ack_ttl = <64
4630
4631
#Information from the TCP header
4632
tcp_syn_ack_ack = 1
4633
tcp_syn_ack_window_size = 5792
4634
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4635
tcp_syn_ack_wscale = 0
4636
tcp_syn_ack_tsval = !0
4637
tcp_syn_ack_tsecr = !0
4638
4639
#Module G [TCP RST|ACK]
4640
tcp_rst_reply = y
4641
tcp_rst_df = 1
4642
tcp_rst_ip_id_1 = !0
4643
tcp_rst_ip_id_2 = !0
4644
tcp_rst_ip_id_strategy = I
4645
tcp_rst_ttl = <64
4646
}
4647
4648
fingerprint {
4649
OS_ID = "Linux Kernel 2.6.6"
4650
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4651
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4652
#Date: 14 December 2004
4653
#Modified: -
4654
4655
#Module A
4656
icmp_echo_reply = y
4657
4658
4659
icmp_echo_code = !0
4660
icmp_echo_ip_id = !0
4661
icmp_echo_tos_bits = !0
4662
icmp_echo_df_bit = 0
4663
icmp_echo_reply_ttl = <64
4664
4665
#Module B
4666
icmp_timestamp_reply = y
4667
icmp_timestamp_reply_ttl = <64
4668
icmp_timestamp_reply_ip_id = !0
4669
4670
#Module C
4671
icmp_addrmask_reply = n
4672
icmp_addrmask_reply_ttl = <64
4673
icmp_addrmask_reply_ip_id = !0
4674
4675
#Module D
4676
icmp_info_reply = n
4677
icmp_info_reply_ttl = <64
4678
icmp_info_reply_ip_id = !0
4679
4680
#Module E
4681
icmp_unreach_reply = y
4682
icmp_unreach_echoed_dtsize = >64
4683
icmp_unreach_reply_ttl = <64
4684
icmp_unreach_precedence_bits = 0xc0
4685
icmp_unreach_df_bit = 0
4686
icmp_unreach_ip_id = !0
4687
4688
icmp_unreach_echoed_udp_cksum = OK
4689
icmp_unreach_echoed_ip_cksum = OK
4690
icmp_unreach_echoed_ip_id = OK
4691
icmp_unreach_echoed_total_len = OK
4692
icmp_unreach_echoed_3bit_flags = OK
4693
4694
#Module F [TCP SYN | ACK Module]
4695
#IP header of the TCP SYN ACK
4696
tcp_syn_ack_tos = 0
4697
tcp_syn_ack_df = 1
4698
tcp_syn_ack_ip_id = 0
4699
tcp_syn_ack_ttl = <64
4700
4701
#Information from the TCP header
4702
tcp_syn_ack_ack = 1
4703
tcp_syn_ack_window_size = 5792
4704
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4705
tcp_syn_ack_wscale = 0
4706
tcp_syn_ack_tsval = !0
4707
tcp_syn_ack_tsecr = !0
4708
4709
#Module G [TCP RST|ACK]
4710
tcp_rst_reply = y
4711
tcp_rst_df = 1
4712
tcp_rst_ip_id_1 = !0
4713
tcp_rst_ip_id_2 = !0
4714
tcp_rst_ip_id_strategy = I
4715
tcp_rst_ttl = <64
4716
}
4717
4718
fingerprint {
4719
OS_ID = "Linux Kernel 2.6.5"
4720
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4721
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4722
#Date: 14 December 2004
4723
#Modified: -
4724
4725
#Module A
4726
icmp_echo_reply = y
4727
4728
4729
icmp_echo_code = !0
4730
icmp_echo_ip_id = !0
4731
icmp_echo_tos_bits = !0
4732
icmp_echo_df_bit = 0
4733
icmp_echo_reply_ttl = <64
4734
4735
#Module B
4736
icmp_timestamp_reply = y
4737
icmp_timestamp_reply_ttl = <64
4738
icmp_timestamp_reply_ip_id = !0
4739
4740
#Module C
4741
icmp_addrmask_reply = n
4742
icmp_addrmask_reply_ttl = <64
4743
icmp_addrmask_reply_ip_id = !0
4744
4745
#Module D
4746
icmp_info_reply = n
4747
icmp_info_reply_ttl = <64
4748
icmp_info_reply_ip_id = !0
4749
4750
#Module E
4751
icmp_unreach_reply = y
4752
icmp_unreach_echoed_dtsize = >64
4753
icmp_unreach_reply_ttl = <64
4754
icmp_unreach_precedence_bits = 0xc0
4755
icmp_unreach_df_bit = 0
4756
icmp_unreach_ip_id = !0
4757
4758
icmp_unreach_echoed_udp_cksum = OK
4759
icmp_unreach_echoed_ip_cksum = OK
4760
icmp_unreach_echoed_ip_id = OK
4761
icmp_unreach_echoed_total_len = OK
4762
icmp_unreach_echoed_3bit_flags = OK
4763
4764
#Module F [TCP SYN | ACK Module]
4765
#IP header of the TCP SYN ACK
4766
tcp_syn_ack_tos = 0
4767
tcp_syn_ack_df = 1
4768
tcp_syn_ack_ip_id = 0
4769
tcp_syn_ack_ttl = <64
4770
4771
#Information from the TCP header
4772
tcp_syn_ack_ack = 1
4773
tcp_syn_ack_window_size = 5792
4774
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4775
tcp_syn_ack_wscale = 0
4776
tcp_syn_ack_tsval = !0
4777
tcp_syn_ack_tsecr = !0
4778
4779
#Module G [TCP RST|ACK]
4780
tcp_rst_reply = y
4781
tcp_rst_df = 1
4782
tcp_rst_ip_id_1 = !0
4783
tcp_rst_ip_id_2 = !0
4784
tcp_rst_ip_id_strategy = I
4785
tcp_rst_ttl = <64
4786
}
4787
4788
fingerprint {
4789
OS_ID = "Linux Kernel 2.6.4"
4790
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4791
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4792
#Date: 14 December 2004
4793
#Modified: -
4794
4795
#Module A
4796
icmp_echo_reply = y
4797
4798
4799
icmp_echo_code = !0
4800
icmp_echo_ip_id = !0
4801
icmp_echo_tos_bits = !0
4802
icmp_echo_df_bit = 0
4803
icmp_echo_reply_ttl = <64
4804
4805
#Module B
4806
icmp_timestamp_reply = y
4807
icmp_timestamp_reply_ttl = <64
4808
icmp_timestamp_reply_ip_id = !0
4809
4810
#Module C
4811
icmp_addrmask_reply = n
4812
icmp_addrmask_reply_ttl = <64
4813
icmp_addrmask_reply_ip_id = !0
4814
4815
#Module D
4816
icmp_info_reply = n
4817
icmp_info_reply_ttl = <64
4818
icmp_info_reply_ip_id = !0
4819
4820
#Module E
4821
icmp_unreach_reply = y
4822
icmp_unreach_echoed_dtsize = >64
4823
icmp_unreach_reply_ttl = <64
4824
icmp_unreach_precedence_bits = 0xc0
4825
icmp_unreach_df_bit = 0
4826
icmp_unreach_ip_id = !0
4827
4828
icmp_unreach_echoed_udp_cksum = OK
4829
icmp_unreach_echoed_ip_cksum = OK
4830
icmp_unreach_echoed_ip_id = OK
4831
icmp_unreach_echoed_total_len = OK
4832
icmp_unreach_echoed_3bit_flags = OK
4833
4834
#Module F [TCP SYN | ACK Module]
4835
#IP header of the TCP SYN ACK
4836
tcp_syn_ack_tos = 0
4837
tcp_syn_ack_df = 1
4838
tcp_syn_ack_ip_id = 0
4839
tcp_syn_ack_ttl = <64
4840
4841
#Information from the TCP header
4842
tcp_syn_ack_ack = 1
4843
tcp_syn_ack_window_size = 5792
4844
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4845
tcp_syn_ack_wscale = 0
4846
tcp_syn_ack_tsval = !0
4847
tcp_syn_ack_tsecr = !0
4848
4849
#Module G [TCP RST|ACK]
4850
tcp_rst_reply = y
4851
tcp_rst_df = 1
4852
tcp_rst_ip_id_1 = !0
4853
tcp_rst_ip_id_2 = !0
4854
tcp_rst_ip_id_strategy = I
4855
tcp_rst_ttl = <64
4856
}
4857
4858
fingerprint {
4859
OS_ID = "Linux Kernel 2.6.3"
4860
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4861
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4862
#Date: 14 December 2004
4863
#Modified: -
4864
4865
#Module A
4866
icmp_echo_reply = y
4867
4868
4869
icmp_echo_code = !0
4870
icmp_echo_ip_id = !0
4871
icmp_echo_tos_bits = !0
4872
icmp_echo_df_bit = 0
4873
icmp_echo_reply_ttl = <64
4874
4875
#Module B
4876
icmp_timestamp_reply = y
4877
icmp_timestamp_reply_ttl = <64
4878
icmp_timestamp_reply_ip_id = !0
4879
4880
#Module C
4881
icmp_addrmask_reply = n
4882
icmp_addrmask_reply_ttl = <64
4883
icmp_addrmask_reply_ip_id = !0
4884
4885
#Module D
4886
icmp_info_reply = n
4887
icmp_info_reply_ttl = <64
4888
icmp_info_reply_ip_id = !0
4889
4890
#Module E
4891
icmp_unreach_reply = y
4892
icmp_unreach_echoed_dtsize = >64
4893
icmp_unreach_reply_ttl = <64
4894
icmp_unreach_precedence_bits = 0xc0
4895
icmp_unreach_df_bit = 0
4896
icmp_unreach_ip_id = !0
4897
4898
icmp_unreach_echoed_udp_cksum = OK
4899
icmp_unreach_echoed_ip_cksum = OK
4900
icmp_unreach_echoed_ip_id = OK
4901
icmp_unreach_echoed_total_len = OK
4902
icmp_unreach_echoed_3bit_flags = OK
4903
4904
#Module F [TCP SYN | ACK Module]
4905
#IP header of the TCP SYN ACK
4906
tcp_syn_ack_tos = 0
4907
tcp_syn_ack_df = 1
4908
tcp_syn_ack_ip_id = 0
4909
tcp_syn_ack_ttl = <64
4910
4911
#Information from the TCP header
4912
tcp_syn_ack_ack = 1
4913
tcp_syn_ack_window_size = 5792
4914
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4915
tcp_syn_ack_wscale = 0
4916
tcp_syn_ack_tsval = !0
4917
tcp_syn_ack_tsecr = !0
4918
4919
#Module G [TCP RST|ACK]
4920
tcp_rst_reply = y
4921
tcp_rst_df = 1
4922
tcp_rst_ip_id_1 = !0
4923
tcp_rst_ip_id_2 = !0
4924
tcp_rst_ip_id_strategy = I
4925
tcp_rst_ttl = <64
4926
}
4927
4928
fingerprint {
4929
OS_ID = "Linux Kernel 2.6.2"
4930
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
4931
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
4932
#Date: 14 December 2004
4933
#Modified: -
4934
4935
#Module A
4936
icmp_echo_reply = y
4937
4938
4939
icmp_echo_code = !0
4940
icmp_echo_ip_id = !0
4941
icmp_echo_tos_bits = !0
4942
icmp_echo_df_bit = 0
4943
icmp_echo_reply_ttl = <64
4944
4945
#Module B
4946
icmp_timestamp_reply = y
4947
icmp_timestamp_reply_ttl = <64
4948
icmp_timestamp_reply_ip_id = !0
4949
4950
#Module C
4951
icmp_addrmask_reply = n
4952
icmp_addrmask_reply_ttl = <64
4953
icmp_addrmask_reply_ip_id = !0
4954
4955
#Module D
4956
icmp_info_reply = n
4957
icmp_info_reply_ttl = <64
4958
icmp_info_reply_ip_id = !0
4959
4960
#Module E
4961
icmp_unreach_reply = y
4962
icmp_unreach_echoed_dtsize = >64
4963
icmp_unreach_reply_ttl = <64
4964
icmp_unreach_precedence_bits = 0xc0
4965
icmp_unreach_df_bit = 0
4966
icmp_unreach_ip_id = !0
4967
4968
icmp_unreach_echoed_udp_cksum = OK
4969
icmp_unreach_echoed_ip_cksum = OK
4970
icmp_unreach_echoed_ip_id = OK
4971
icmp_unreach_echoed_total_len = OK
4972
icmp_unreach_echoed_3bit_flags = OK
4973
4974
#Module F [TCP SYN | ACK Module]
4975
#IP header of the TCP SYN ACK
4976
tcp_syn_ack_tos = 0
4977
tcp_syn_ack_df = 1
4978
tcp_syn_ack_ip_id = 0
4979
tcp_syn_ack_ttl = <64
4980
4981
#Information from the TCP header
4982
tcp_syn_ack_ack = 1
4983
tcp_syn_ack_window_size = 5792
4984
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
4985
tcp_syn_ack_wscale = 0
4986
tcp_syn_ack_tsval = !0
4987
tcp_syn_ack_tsecr = !0
4988
4989
#Module G [TCP RST|ACK]
4990
tcp_rst_reply = y
4991
tcp_rst_df = 1
4992
tcp_rst_ip_id_1 = !0
4993
tcp_rst_ip_id_2 = !0
4994
tcp_rst_ip_id_strategy = I
4995
tcp_rst_ttl = <64
4996
}
4997
4998
fingerprint {
4999
OS_ID = "Linux Kernel 2.6.1"
5000
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5001
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5002
#Date: 14 December 2004
5003
#Modified: -
5004
5005
#Module A
5006
icmp_echo_reply = y
5007
5008
5009
icmp_echo_code = !0
5010
icmp_echo_ip_id = !0
5011
icmp_echo_tos_bits = !0
5012
icmp_echo_df_bit = 0
5013
icmp_echo_reply_ttl = <64
5014
5015
#Module B
5016
icmp_timestamp_reply = y
5017
icmp_timestamp_reply_ttl = <64
5018
icmp_timestamp_reply_ip_id = !0
5019
5020
#Module C
5021
icmp_addrmask_reply = n
5022
icmp_addrmask_reply_ttl = <64
5023
icmp_addrmask_reply_ip_id = !0
5024
5025
#Module D
5026
icmp_info_reply = n
5027
icmp_info_reply_ttl = <64
5028
icmp_info_reply_ip_id = !0
5029
5030
#Module E
5031
icmp_unreach_reply = y
5032
icmp_unreach_echoed_dtsize = >64
5033
icmp_unreach_reply_ttl = <64
5034
icmp_unreach_precedence_bits = 0xc0
5035
icmp_unreach_df_bit = 0
5036
icmp_unreach_ip_id = !0
5037
5038
icmp_unreach_echoed_udp_cksum = OK
5039
icmp_unreach_echoed_ip_cksum = OK
5040
icmp_unreach_echoed_ip_id = OK
5041
icmp_unreach_echoed_total_len = OK
5042
icmp_unreach_echoed_3bit_flags = OK
5043
5044
#Module F [TCP SYN | ACK Module]
5045
#IP header of the TCP SYN ACK
5046
tcp_syn_ack_tos = 0
5047
tcp_syn_ack_df = 1
5048
tcp_syn_ack_ip_id = 0
5049
tcp_syn_ack_ttl = <64
5050
5051
#Information from the TCP header
5052
tcp_syn_ack_ack = 1
5053
tcp_syn_ack_window_size = 5792
5054
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5055
tcp_syn_ack_wscale = 0
5056
tcp_syn_ack_tsval = !0
5057
tcp_syn_ack_tsecr = !0
5058
5059
#Module G [TCP RST|ACK]
5060
tcp_rst_reply = y
5061
tcp_rst_df = 1
5062
tcp_rst_ip_id_1 = !0
5063
tcp_rst_ip_id_2 = !0
5064
tcp_rst_ip_id_strategy = I
5065
tcp_rst_ttl = <64
5066
}
5067
5068
fingerprint {
5069
OS_ID = "Linux Kernel 2.6.0"
5070
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5071
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5072
#Date: 14 December 2004
5073
#Modified: -
5074
5075
#Module A
5076
icmp_echo_reply = y
5077
5078
5079
icmp_echo_code = !0
5080
icmp_echo_ip_id = !0
5081
icmp_echo_tos_bits = !0
5082
icmp_echo_df_bit = 0
5083
icmp_echo_reply_ttl = <64
5084
5085
#Module B
5086
icmp_timestamp_reply = y
5087
icmp_timestamp_reply_ttl = <64
5088
icmp_timestamp_reply_ip_id = !0
5089
5090
#Module C
5091
icmp_addrmask_reply = n
5092
icmp_addrmask_reply_ttl = <64
5093
icmp_addrmask_reply_ip_id = !0
5094
5095
#Module D
5096
icmp_info_reply = n
5097
icmp_info_reply_ttl = <64
5098
icmp_info_reply_ip_id = !0
5099
5100
#Module E
5101
icmp_unreach_reply = y
5102
icmp_unreach_echoed_dtsize = >64
5103
icmp_unreach_reply_ttl = <64
5104
icmp_unreach_precedence_bits = 0xc0
5105
icmp_unreach_df_bit = 0
5106
icmp_unreach_ip_id = !0
5107
5108
icmp_unreach_echoed_udp_cksum = OK
5109
icmp_unreach_echoed_ip_cksum = OK
5110
icmp_unreach_echoed_ip_id = OK
5111
icmp_unreach_echoed_total_len = OK
5112
icmp_unreach_echoed_3bit_flags = OK
5113
5114
#Module F [TCP SYN | ACK Module]
5115
#IP header of the TCP SYN ACK
5116
tcp_syn_ack_tos = 0
5117
tcp_syn_ack_df = 1
5118
tcp_syn_ack_ip_id = 0
5119
tcp_syn_ack_ttl = <64
5120
5121
#Information from the TCP header
5122
tcp_syn_ack_ack = 1
5123
tcp_syn_ack_window_size = 5792
5124
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5125
tcp_syn_ack_wscale = 0
5126
tcp_syn_ack_tsval = !0
5127
tcp_syn_ack_tsecr = !0
5128
5129
#Module G [TCP RST|ACK]
5130
tcp_rst_reply = y
5131
tcp_rst_df = 1
5132
tcp_rst_ip_id_1 = !0
5133
tcp_rst_ip_id_2 = !0
5134
tcp_rst_ip_id_strategy = I
5135
tcp_rst_ttl = <64
5136
}
5137
5138
fingerprint {
5139
OS_ID = "Linux Kernel 2.4.28"
5140
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5141
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5142
#Date: 14 December 2004
5143
#Modified:
5144
5145
#Module A
5146
icmp_echo_reply = y
5147
5148
5149
icmp_echo_code = !0
5150
icmp_echo_ip_id = !0
5151
icmp_echo_tos_bits = !0
5152
icmp_echo_df_bit = 0
5153
icmp_echo_reply_ttl = <64
5154
5155
#Module B
5156
icmp_timestamp_reply = y
5157
icmp_timestamp_reply_ttl = <64
5158
icmp_timestamp_reply_ip_id = !0
5159
5160
#Module C
5161
icmp_addrmask_reply = n
5162
icmp_addrmask_reply_ttl = <64
5163
icmp_addrmask_reply_ip_id = !0
5164
5165
#Module D
5166
icmp_info_reply = n
5167
icmp_info_reply_ttl = <64
5168
icmp_info_reply_ip_id = !0
5169
5170
#Module E
5171
icmp_unreach_reply = y
5172
icmp_unreach_echoed_dtsize = >64
5173
icmp_unreach_reply_ttl = <64
5174
icmp_unreach_precedence_bits = 0xc0
5175
icmp_unreach_df_bit = 0
5176
icmp_unreach_ip_id = !0
5177
5178
icmp_unreach_echoed_udp_cksum = OK
5179
icmp_unreach_echoed_ip_cksum = OK
5180
icmp_unreach_echoed_ip_id = OK
5181
icmp_unreach_echoed_total_len = OK
5182
icmp_unreach_echoed_3bit_flags = OK
5183
5184
#Module F [TCP SYN | ACK Module]
5185
#IP header of the TCP SYN ACK
5186
tcp_syn_ack_tos = 0
5187
tcp_syn_ack_df = 1
5188
tcp_syn_ack_ip_id = 0
5189
tcp_syn_ack_ttl = <64
5190
5191
#Information from the TCP header
5192
tcp_syn_ack_ack = 1
5193
tcp_syn_ack_window_size = 5792
5194
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5195
tcp_syn_ack_wscale = 0
5196
tcp_syn_ack_tsval = !0
5197
tcp_syn_ack_tsecr = !0
5198
5199
#Module G [TCP RST|ACK]
5200
tcp_rst_reply = y
5201
tcp_rst_df = 1
5202
tcp_rst_ip_id_1 = 0
5203
tcp_rst_ip_id_2 = 0
5204
tcp_rst_ip_id_strategy = 0
5205
tcp_rst_ttl = <64
5206
}
5207
5208
fingerprint {
5209
OS_ID = "Linux Kernel 2.4.27"
5210
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5211
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5212
#Date: 14 December 2004
5213
#Modified: -
5214
5215
#Module A
5216
icmp_echo_reply = y
5217
5218
5219
icmp_echo_code = !0
5220
icmp_echo_ip_id = !0
5221
icmp_echo_tos_bits = !0
5222
icmp_echo_df_bit = 0
5223
icmp_echo_reply_ttl = <64
5224
5225
#Module B
5226
icmp_timestamp_reply = y
5227
icmp_timestamp_reply_ttl = <64
5228
icmp_timestamp_reply_ip_id = !0
5229
5230
#Module C
5231
icmp_addrmask_reply = n
5232
icmp_addrmask_reply_ttl = <64
5233
icmp_addrmask_reply_ip_id = !0
5234
5235
#Module D
5236
icmp_info_reply = n
5237
icmp_info_reply_ttl = <64
5238
icmp_info_reply_ip_id = !0
5239
5240
#Module E
5241
icmp_unreach_reply = y
5242
icmp_unreach_echoed_dtsize = >64
5243
icmp_unreach_reply_ttl = <64
5244
icmp_unreach_precedence_bits = 0xc0
5245
icmp_unreach_df_bit = 0
5246
icmp_unreach_ip_id = !0
5247
5248
icmp_unreach_echoed_udp_cksum = OK
5249
icmp_unreach_echoed_ip_cksum = OK
5250
icmp_unreach_echoed_ip_id = OK
5251
icmp_unreach_echoed_total_len = OK
5252
icmp_unreach_echoed_3bit_flags = OK
5253
5254
#Module F [TCP SYN | ACK Module]
5255
#IP header of the TCP SYN ACK
5256
tcp_syn_ack_tos = 0
5257
tcp_syn_ack_df = 1
5258
tcp_syn_ack_ip_id = 0
5259
tcp_syn_ack_ttl = <64
5260
5261
#Information from the TCP header
5262
tcp_syn_ack_ack = 1
5263
tcp_syn_ack_window_size = 5792
5264
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5265
tcp_syn_ack_wscale = 0
5266
tcp_syn_ack_tsval = !0
5267
tcp_syn_ack_tsecr = !0
5268
5269
#Module G [TCP RST|ACK]
5270
tcp_rst_reply = y
5271
tcp_rst_df = 1
5272
tcp_rst_ip_id_1 = 0
5273
tcp_rst_ip_id_2 = 0
5274
tcp_rst_ip_id_strategy = 0
5275
tcp_rst_ttl = <64
5276
5277
}
5278
5279
fingerprint {
5280
OS_ID = "Linux Kernel 2.4.26"
5281
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5282
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5283
#Date: 14 December 2004
5284
#Modified:
5285
5286
#Module A
5287
icmp_echo_reply = y
5288
5289
5290
icmp_echo_code = !0
5291
icmp_echo_ip_id = !0
5292
icmp_echo_tos_bits = !0
5293
icmp_echo_df_bit = 0
5294
icmp_echo_reply_ttl = <64
5295
5296
#Module B
5297
icmp_timestamp_reply = y
5298
icmp_timestamp_reply_ttl = <64
5299
icmp_timestamp_reply_ip_id = !0
5300
5301
#Module C
5302
icmp_addrmask_reply = n
5303
icmp_addrmask_reply_ttl = <64
5304
icmp_addrmask_reply_ip_id = !0
5305
5306
#Module D
5307
icmp_info_reply = n
5308
icmp_info_reply_ttl = <64
5309
icmp_info_reply_ip_id = !0
5310
5311
#Module E
5312
icmp_unreach_reply = y
5313
icmp_unreach_echoed_dtsize = >64
5314
icmp_unreach_reply_ttl = <64
5315
icmp_unreach_precedence_bits = 0xc0
5316
icmp_unreach_df_bit = 0
5317
icmp_unreach_ip_id = !0
5318
5319
icmp_unreach_echoed_udp_cksum = OK
5320
icmp_unreach_echoed_ip_cksum = OK
5321
icmp_unreach_echoed_ip_id = OK
5322
icmp_unreach_echoed_total_len = OK
5323
icmp_unreach_echoed_3bit_flags = OK
5324
5325
#Module F [TCP SYN | ACK Module]
5326
#IP header of the TCP SYN ACK
5327
tcp_syn_ack_tos = 0
5328
tcp_syn_ack_df = 1
5329
tcp_syn_ack_ip_id = 0
5330
tcp_syn_ack_ttl = <64
5331
5332
#Information from the TCP header
5333
tcp_syn_ack_ack = 1
5334
tcp_syn_ack_window_size = 5792
5335
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5336
tcp_syn_ack_wscale = 0
5337
tcp_syn_ack_tsval = !0
5338
tcp_syn_ack_tsecr = !0
5339
5340
#Module G [TCP RST|ACK]
5341
tcp_rst_reply = y
5342
tcp_rst_df = 1
5343
tcp_rst_ip_id_1 = 0
5344
tcp_rst_ip_id_2 = 0
5345
tcp_rst_ip_id_strategy = 0
5346
tcp_rst_ttl = <64
5347
5348
}
5349
5350
fingerprint {
5351
OS_ID = "Linux Kernel 2.4.25"
5352
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5353
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5354
#Date: 14 December 2004
5355
#Modified:
5356
5357
#Module A
5358
icmp_echo_reply = y
5359
5360
5361
icmp_echo_code = !0
5362
icmp_echo_ip_id = !0
5363
icmp_echo_tos_bits = !0
5364
icmp_echo_df_bit = 0
5365
icmp_echo_reply_ttl = <64
5366
5367
#Module B
5368
icmp_timestamp_reply = y
5369
icmp_timestamp_reply_ttl = <64
5370
icmp_timestamp_reply_ip_id = !0
5371
5372
#Module C
5373
icmp_addrmask_reply = n
5374
icmp_addrmask_reply_ttl = <64
5375
icmp_addrmask_reply_ip_id = !0
5376
5377
#Module D
5378
icmp_info_reply = n
5379
icmp_info_reply_ttl = <64
5380
icmp_info_reply_ip_id = !0
5381
5382
#Module E
5383
icmp_unreach_reply = y
5384
icmp_unreach_echoed_dtsize = >64
5385
icmp_unreach_reply_ttl = <64
5386
icmp_unreach_precedence_bits = 0xc0
5387
icmp_unreach_df_bit = 0
5388
icmp_unreach_ip_id = !0
5389
5390
icmp_unreach_echoed_udp_cksum = OK
5391
icmp_unreach_echoed_ip_cksum = OK
5392
icmp_unreach_echoed_ip_id = OK
5393
icmp_unreach_echoed_total_len = OK
5394
icmp_unreach_echoed_3bit_flags = OK
5395
5396
#Module F [TCP SYN | ACK Module]
5397
#IP header of the TCP SYN ACK
5398
tcp_syn_ack_tos = 0
5399
tcp_syn_ack_df = 1
5400
tcp_syn_ack_ip_id = 0
5401
tcp_syn_ack_ttl = <64
5402
5403
#Information from the TCP header
5404
tcp_syn_ack_ack = 1
5405
tcp_syn_ack_window_size = 5792
5406
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5407
tcp_syn_ack_wscale = 0
5408
tcp_syn_ack_tsval = !0
5409
tcp_syn_ack_tsecr = !0
5410
5411
5412
#Module G [TCP RST|ACK]
5413
tcp_rst_reply = y
5414
tcp_rst_df = 1
5415
tcp_rst_ip_id_1 = 0
5416
tcp_rst_ip_id_2 = 0
5417
tcp_rst_ip_id_strategy = 0
5418
tcp_rst_ttl = <64
5419
5420
}
5421
5422
fingerprint {
5423
OS_ID = "Linux Kernel 2.4.24"
5424
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5425
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5426
#Date: 14 December 2004
5427
#Modified:
5428
5429
#Module A
5430
icmp_echo_reply = y
5431
5432
5433
icmp_echo_code = !0
5434
icmp_echo_ip_id = !0
5435
icmp_echo_tos_bits = !0
5436
icmp_echo_df_bit = 0
5437
icmp_echo_reply_ttl = <64
5438
5439
#Module B
5440
icmp_timestamp_reply = y
5441
icmp_timestamp_reply_ttl = <64
5442
icmp_timestamp_reply_ip_id = !0
5443
5444
#Module C
5445
icmp_addrmask_reply = n
5446
icmp_addrmask_reply_ttl = <64
5447
icmp_addrmask_reply_ip_id = !0
5448
5449
#Module D
5450
icmp_info_reply = n
5451
icmp_info_reply_ttl = <64
5452
icmp_info_reply_ip_id = !0
5453
5454
#Module E
5455
icmp_unreach_reply = y
5456
icmp_unreach_echoed_dtsize = >64
5457
icmp_unreach_reply_ttl = <64
5458
icmp_unreach_precedence_bits = 0xc0
5459
icmp_unreach_df_bit = 0
5460
icmp_unreach_ip_id = !0
5461
5462
icmp_unreach_echoed_udp_cksum = OK
5463
icmp_unreach_echoed_ip_cksum = OK
5464
icmp_unreach_echoed_ip_id = OK
5465
icmp_unreach_echoed_total_len = OK
5466
icmp_unreach_echoed_3bit_flags = OK
5467
5468
#Module F [TCP SYN | ACK Module]
5469
#IP header of the TCP SYN ACK
5470
tcp_syn_ack_tos = 0
5471
tcp_syn_ack_df = 1
5472
tcp_syn_ack_ip_id = 0
5473
tcp_syn_ack_ttl = <64
5474
5475
#Information from the TCP header
5476
tcp_syn_ack_ack = 1
5477
tcp_syn_ack_window_size = 5792
5478
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5479
tcp_syn_ack_wscale = 0
5480
tcp_syn_ack_tsval = !0
5481
tcp_syn_ack_tsecr = !0
5482
5483
#Module G [TCP RST|ACK]
5484
tcp_rst_reply = y
5485
tcp_rst_df = 1
5486
tcp_rst_ip_id_1 = 0
5487
tcp_rst_ip_id_2 = 0
5488
tcp_rst_ip_id_strategy = 0
5489
tcp_rst_ttl = <64
5490
}
5491
5492
fingerprint {
5493
OS_ID = "Linux Kernel 2.4.23"
5494
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5495
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5496
#Date: 14 December 2004
5497
#Modified:
5498
5499
#Module A
5500
icmp_echo_reply = y
5501
5502
5503
icmp_echo_code = !0
5504
icmp_echo_ip_id = !0
5505
icmp_echo_tos_bits = !0
5506
icmp_echo_df_bit = 0
5507
icmp_echo_reply_ttl = <64
5508
5509
#Module B
5510
icmp_timestamp_reply = y
5511
icmp_timestamp_reply_ttl = <64
5512
icmp_timestamp_reply_ip_id = !0
5513
5514
#Module C
5515
icmp_addrmask_reply = n
5516
icmp_addrmask_reply_ttl = <64
5517
icmp_addrmask_reply_ip_id = !0
5518
5519
#Module D
5520
icmp_info_reply = n
5521
icmp_info_reply_ttl = <64
5522
icmp_info_reply_ip_id = !0
5523
5524
#Module E
5525
icmp_unreach_reply = y
5526
icmp_unreach_echoed_dtsize = >64
5527
icmp_unreach_reply_ttl = <64
5528
icmp_unreach_precedence_bits = 0xc0
5529
icmp_unreach_df_bit = 0
5530
icmp_unreach_ip_id = !0
5531
5532
icmp_unreach_echoed_udp_cksum = OK
5533
icmp_unreach_echoed_ip_cksum = OK
5534
icmp_unreach_echoed_ip_id = OK
5535
icmp_unreach_echoed_total_len = OK
5536
icmp_unreach_echoed_3bit_flags = OK
5537
5538
#Module F [TCP SYN | ACK Module]
5539
#IP header of the TCP SYN ACK
5540
tcp_syn_ack_tos = 0
5541
tcp_syn_ack_df = 1
5542
tcp_syn_ack_ip_id = 0
5543
tcp_syn_ack_ttl = <64
5544
5545
#Information from the TCP header
5546
tcp_syn_ack_ack = 1
5547
tcp_syn_ack_window_size = 5792
5548
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5549
tcp_syn_ack_wscale = 0
5550
tcp_syn_ack_tsval = !0
5551
tcp_syn_ack_tsecr = !0
5552
5553
#Module G [TCP RST|ACK]
5554
tcp_rst_reply = y
5555
tcp_rst_df = 1
5556
tcp_rst_ip_id_1 = 0
5557
tcp_rst_ip_id_2 = 0
5558
tcp_rst_ip_id_strategy = 0
5559
tcp_rst_ttl = <64
5560
}
5561
5562
fingerprint {
5563
OS_ID = "Linux Kernel 2.4.22"
5564
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5565
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5566
#Date: 14 December 2004
5567
#Modified:
5568
5569
#Module A
5570
icmp_echo_reply = y
5571
5572
5573
icmp_echo_code = !0
5574
icmp_echo_ip_id = !0
5575
icmp_echo_tos_bits = !0
5576
icmp_echo_df_bit = 0
5577
icmp_echo_reply_ttl = <64
5578
5579
#Module B
5580
icmp_timestamp_reply = y
5581
icmp_timestamp_reply_ttl = <64
5582
icmp_timestamp_reply_ip_id = !0
5583
5584
#Module C
5585
icmp_addrmask_reply = n
5586
icmp_addrmask_reply_ttl = <64
5587
icmp_addrmask_reply_ip_id = !0
5588
5589
#Module D
5590
icmp_info_reply = n
5591
icmp_info_reply_ttl = <64
5592
icmp_info_reply_ip_id = !0
5593
5594
#Module E
5595
icmp_unreach_reply = y
5596
icmp_unreach_echoed_dtsize = >64
5597
icmp_unreach_reply_ttl = <64
5598
icmp_unreach_precedence_bits = 0xc0
5599
icmp_unreach_df_bit = 0
5600
icmp_unreach_ip_id = !0
5601
5602
icmp_unreach_echoed_udp_cksum = OK
5603
icmp_unreach_echoed_ip_cksum = OK
5604
icmp_unreach_echoed_ip_id = OK
5605
icmp_unreach_echoed_total_len = OK
5606
icmp_unreach_echoed_3bit_flags = OK
5607
5608
#Module F [TCP SYN | ACK Module]
5609
#IP header of the TCP SYN ACK
5610
tcp_syn_ack_tos = 0
5611
tcp_syn_ack_df = 1
5612
tcp_syn_ack_ip_id = 0
5613
tcp_syn_ack_ttl = <64
5614
5615
#Information from the TCP header
5616
tcp_syn_ack_ack = 1
5617
tcp_syn_ack_window_size = 5792
5618
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5619
tcp_syn_ack_wscale = 0
5620
tcp_syn_ack_tsval = !0
5621
tcp_syn_ack_tsecr = !0
5622
5623
#Module G [TCP RST|ACK]
5624
tcp_rst_reply = y
5625
tcp_rst_df = 1
5626
tcp_rst_ip_id_1 = 0
5627
tcp_rst_ip_id_2 = 0
5628
tcp_rst_ip_id_strategy = 0
5629
tcp_rst_ttl = <64
5630
}
5631
5632
fingerprint {
5633
OS_ID = "Linux Kernel 2.4.21"
5634
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5635
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5636
#Date: 20 July 2002
5637
#Modified: 08 July 2003
5638
5639
#Module A
5640
icmp_echo_reply = y
5641
5642
5643
icmp_echo_code = !0
5644
icmp_echo_ip_id = !0
5645
icmp_echo_tos_bits = !0
5646
icmp_echo_df_bit = 0
5647
icmp_echo_reply_ttl = <64
5648
5649
#Module B
5650
icmp_timestamp_reply = y
5651
icmp_timestamp_reply_ttl = <64
5652
icmp_timestamp_reply_ip_id = !0
5653
5654
#Module C
5655
icmp_addrmask_reply = n
5656
icmp_addrmask_reply_ttl = <64
5657
icmp_addrmask_reply_ip_id = !0
5658
5659
#Module D
5660
icmp_info_reply = n
5661
icmp_info_reply_ttl = <64
5662
icmp_info_reply_ip_id = !0
5663
5664
#Module E
5665
icmp_unreach_reply = y
5666
icmp_unreach_echoed_dtsize = >64
5667
icmp_unreach_reply_ttl = <64
5668
icmp_unreach_precedence_bits = 0xc0
5669
icmp_unreach_df_bit = 0
5670
icmp_unreach_ip_id = !0
5671
5672
icmp_unreach_echoed_udp_cksum = OK
5673
icmp_unreach_echoed_ip_cksum = OK
5674
icmp_unreach_echoed_ip_id = OK
5675
icmp_unreach_echoed_total_len = OK
5676
icmp_unreach_echoed_3bit_flags = OK
5677
5678
#Module F [TCP SYN | ACK Module]
5679
#IP header of the TCP SYN ACK
5680
tcp_syn_ack_tos = 0
5681
tcp_syn_ack_df = 1
5682
tcp_syn_ack_ip_id = 0
5683
tcp_syn_ack_ttl = <64
5684
5685
#Information from the TCP header
5686
tcp_syn_ack_ack = 1
5687
tcp_syn_ack_window_size = 5792
5688
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5689
tcp_syn_ack_wscale = 0
5690
tcp_syn_ack_tsval = !0
5691
tcp_syn_ack_tsecr = !0
5692
5693
#Module G [TCP RST|ACK]
5694
tcp_rst_reply = y
5695
tcp_rst_df = 1
5696
tcp_rst_ip_id_1 = 0
5697
tcp_rst_ip_id_2 = 0
5698
tcp_rst_ip_id_strategy = 0
5699
tcp_rst_ttl = <64
5700
}
5701
5702
fingerprint {
5703
OS_ID = "Linux Kernel 2.4.20"
5704
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5705
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5706
#Date: 20 July 2002
5707
#Modified: 08 July 2003
5708
5709
#Module A
5710
icmp_echo_reply = y
5711
5712
5713
icmp_echo_code = !0
5714
icmp_echo_ip_id = !0
5715
icmp_echo_tos_bits = !0
5716
icmp_echo_df_bit = 0
5717
icmp_echo_reply_ttl = <64
5718
5719
#Module B
5720
icmp_timestamp_reply = y
5721
icmp_timestamp_reply_ttl = <64
5722
icmp_timestamp_reply_ip_id = !0
5723
5724
#Module C
5725
icmp_addrmask_reply = n
5726
icmp_addrmask_reply_ttl = <64
5727
icmp_addrmask_reply_ip_id = !0
5728
5729
#Module D
5730
icmp_info_reply = n
5731
icmp_info_reply_ttl = <64
5732
icmp_info_reply_ip_id = !0
5733
5734
#Module E
5735
icmp_unreach_reply = y
5736
icmp_unreach_echoed_dtsize = >64
5737
icmp_unreach_reply_ttl = <64
5738
icmp_unreach_precedence_bits = 0xc0
5739
icmp_unreach_df_bit = 0
5740
icmp_unreach_ip_id = !0
5741
5742
icmp_unreach_echoed_udp_cksum = OK
5743
icmp_unreach_echoed_ip_cksum = OK
5744
icmp_unreach_echoed_ip_id = OK
5745
icmp_unreach_echoed_total_len = OK
5746
icmp_unreach_echoed_3bit_flags = OK
5747
5748
#Module F [TCP SYN | ACK Module]
5749
#IP header of the TCP SYN ACK
5750
tcp_syn_ack_tos = 0
5751
tcp_syn_ack_df = 1
5752
tcp_syn_ack_ip_id = 0
5753
tcp_syn_ack_ttl = <64
5754
5755
#Information from the TCP header
5756
tcp_syn_ack_ack = 1
5757
tcp_syn_ack_window_size = 5792
5758
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5759
tcp_syn_ack_wscale = 0
5760
tcp_syn_ack_tsval = !0
5761
tcp_syn_ack_tsecr = !0
5762
5763
#Module G [TCP RST|ACK]
5764
tcp_rst_reply = y
5765
tcp_rst_df = 1
5766
tcp_rst_ip_id_1 = 0
5767
tcp_rst_ip_id_2 = 0
5768
tcp_rst_ip_id_strategy = 0
5769
tcp_rst_ttl = <64
5770
}
5771
5772
fingerprint {
5773
OS_ID = "Linux Kernel 2.4.19"
5774
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5775
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5776
#Date: 20 July 2002
5777
#Modified: 08 July 2003
5778
5779
#Module A
5780
icmp_echo_reply = y
5781
5782
5783
icmp_echo_code = !0
5784
icmp_echo_ip_id = !0
5785
icmp_echo_tos_bits = !0
5786
icmp_echo_df_bit = 0
5787
icmp_echo_reply_ttl = <64
5788
5789
#Module B
5790
icmp_timestamp_reply = y
5791
icmp_timestamp_reply_ttl = <64
5792
icmp_timestamp_reply_ip_id = !0
5793
5794
#Module C
5795
icmp_addrmask_reply = n
5796
icmp_addrmask_reply_ttl = <64
5797
icmp_addrmask_reply_ip_id = !0
5798
5799
#Module D
5800
icmp_info_reply = n
5801
icmp_info_reply_ttl = <64
5802
icmp_info_reply_ip_id = !0
5803
5804
#Module E
5805
icmp_unreach_reply = y
5806
icmp_unreach_echoed_dtsize = >64
5807
icmp_unreach_reply_ttl = <64
5808
icmp_unreach_precedence_bits = 0xc0
5809
icmp_unreach_df_bit = 0
5810
icmp_unreach_ip_id = !0
5811
5812
icmp_unreach_echoed_udp_cksum = OK
5813
icmp_unreach_echoed_ip_cksum = OK
5814
icmp_unreach_echoed_ip_id = OK
5815
icmp_unreach_echoed_total_len = OK
5816
icmp_unreach_echoed_3bit_flags = OK
5817
5818
#Module F [TCP SYN | ACK Module]
5819
#IP header of the TCP SYN ACK
5820
tcp_syn_ack_tos = 0
5821
tcp_syn_ack_df = 1
5822
tcp_syn_ack_ip_id = 0
5823
tcp_syn_ack_ttl = <64
5824
5825
#Information from the TCP header
5826
tcp_syn_ack_ack = 1
5827
tcp_syn_ack_window_size = 5792
5828
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5829
tcp_syn_ack_wscale = 0
5830
tcp_syn_ack_tsval = !0
5831
tcp_syn_ack_tsecr = !0
5832
5833
#Module G [TCP RST|ACK]
5834
tcp_rst_reply = y
5835
tcp_rst_df = 1
5836
tcp_rst_ip_id_1 = 0
5837
tcp_rst_ip_id_2 = 0
5838
tcp_rst_ip_id_strategy = 0
5839
tcp_rst_ttl = <64
5840
}
5841
5842
fingerprint {
5843
OS_ID = "Linux Kernel 2.4.18"
5844
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5845
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5846
#Date: 20 July 2002
5847
#Modified: 08 July 2003
5848
5849
#Module A
5850
icmp_echo_reply = y
5851
5852
5853
icmp_echo_code = !0
5854
icmp_echo_ip_id = !0
5855
icmp_echo_tos_bits = !0
5856
icmp_echo_df_bit = 0
5857
icmp_echo_reply_ttl = <255
5858
5859
#Module B
5860
icmp_timestamp_reply = y
5861
icmp_timestamp_reply_ttl = <255
5862
icmp_timestamp_reply_ip_id = !0
5863
5864
#Module C
5865
icmp_addrmask_reply = n
5866
icmp_addrmask_reply_ttl = <255
5867
icmp_addrmask_reply_ip_id = !0
5868
5869
#Module D
5870
icmp_info_reply = n
5871
icmp_info_reply_ttl = <255
5872
icmp_info_reply_ip_id = !0
5873
5874
#Module E
5875
icmp_unreach_reply = y
5876
icmp_unreach_echoed_dtsize = >64
5877
icmp_unreach_reply_ttl = <255
5878
icmp_unreach_precedence_bits = 0xc0
5879
icmp_unreach_df_bit = 0
5880
icmp_unreach_ip_id = !0
5881
5882
icmp_unreach_echoed_udp_cksum = OK
5883
icmp_unreach_echoed_ip_cksum = OK
5884
icmp_unreach_echoed_ip_id = OK
5885
icmp_unreach_echoed_total_len = OK
5886
icmp_unreach_echoed_3bit_flags = OK
5887
5888
#Module F [TCP SYN | ACK Module]
5889
#IP header of the TCP SYN ACK
5890
tcp_syn_ack_tos = 0
5891
tcp_syn_ack_df = 1
5892
tcp_syn_ack_ip_id = 0
5893
tcp_syn_ack_ttl = <64
5894
5895
#Information from the TCP header
5896
tcp_syn_ack_ack = 1
5897
tcp_syn_ack_window_size = 5792
5898
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5899
tcp_syn_ack_wscale = 0
5900
tcp_syn_ack_tsval = !0
5901
tcp_syn_ack_tsecr = !0
5902
5903
#Module G [TCP RST|ACK]
5904
tcp_rst_reply = y
5905
tcp_rst_df = 1
5906
tcp_rst_ip_id_1 = 0
5907
tcp_rst_ip_id_2 = 0
5908
tcp_rst_ip_id_strategy = 0
5909
tcp_rst_ttl = <255
5910
}
5911
5912
fingerprint {
5913
OS_ID = "Linux Kernel 2.4.17"
5914
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5915
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5916
#Date: 20 July 2002
5917
#Modified: 08 July 2003
5918
5919
#Module A
5920
icmp_echo_reply = y
5921
5922
5923
icmp_echo_code = !0
5924
icmp_echo_ip_id = !0
5925
icmp_echo_tos_bits = !0
5926
icmp_echo_df_bit = 0
5927
icmp_echo_reply_ttl = <255
5928
5929
#Module B
5930
icmp_timestamp_reply = y
5931
icmp_timestamp_reply_ttl = <255
5932
icmp_timestamp_reply_ip_id = !0
5933
5934
#Module C
5935
icmp_addrmask_reply = n
5936
icmp_addrmask_reply_ttl = <255
5937
icmp_addrmask_reply_ip_id = !0
5938
5939
#Module D
5940
icmp_info_reply = n
5941
icmp_info_reply_ttl = <255
5942
icmp_info_reply_ip_id = !0
5943
5944
#Module E
5945
icmp_unreach_reply = y
5946
icmp_unreach_echoed_dtsize = >64
5947
icmp_unreach_reply_ttl = <255
5948
icmp_unreach_precedence_bits = 0xc0
5949
icmp_unreach_df_bit = 0
5950
icmp_unreach_ip_id = !0
5951
5952
icmp_unreach_echoed_udp_cksum = OK
5953
icmp_unreach_echoed_ip_cksum = OK
5954
icmp_unreach_echoed_ip_id = OK
5955
icmp_unreach_echoed_total_len = OK
5956
icmp_unreach_echoed_3bit_flags = OK
5957
5958
#Module F [TCP SYN | ACK Module]
5959
#IP header of the TCP SYN ACK
5960
tcp_syn_ack_tos = 0
5961
tcp_syn_ack_df = 1
5962
tcp_syn_ack_ip_id = 0
5963
tcp_syn_ack_ttl = <64
5964
5965
#Information from the TCP header
5966
tcp_syn_ack_ack = 1
5967
tcp_syn_ack_window_size = 5792
5968
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
5969
tcp_syn_ack_wscale = 0
5970
tcp_syn_ack_tsval = !0
5971
tcp_syn_ack_tsecr = !0
5972
5973
#Module G [TCP RST|ACK]
5974
tcp_rst_reply = y
5975
tcp_rst_df = 1
5976
tcp_rst_ip_id_1 = 0
5977
tcp_rst_ip_id_2 = 0
5978
tcp_rst_ip_id_strategy = 0
5979
tcp_rst_ttl = <255
5980
}
5981
5982
fingerprint {
5983
OS_ID = "Linux Kernel 2.4.16"
5984
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
5985
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
5986
#Date: 20 July 2002
5987
#Modified: 08 July 2003
5988
5989
#Module A
5990
icmp_echo_reply = y
5991
5992
5993
icmp_echo_code = !0
5994
icmp_echo_ip_id = !0
5995
icmp_echo_tos_bits = !0
5996
icmp_echo_df_bit = 0
5997
icmp_echo_reply_ttl = <255
5998
5999
#Module B
6000
icmp_timestamp_reply = y
6001
icmp_timestamp_reply_ttl = <255
6002
icmp_timestamp_reply_ip_id = !0
6003
6004
#Module C
6005
icmp_addrmask_reply = n
6006
icmp_addrmask_reply_ttl = <255
6007
icmp_addrmask_reply_ip_id = !0
6008
6009
#Module D
6010
icmp_info_reply = n
6011
icmp_info_reply_ttl = <255
6012
icmp_info_reply_ip_id = !0
6013
6014
#Module E
6015
icmp_unreach_reply = y
6016
icmp_unreach_echoed_dtsize = >64
6017
icmp_unreach_reply_ttl = <255
6018
icmp_unreach_precedence_bits = 0xc0
6019
icmp_unreach_df_bit = 0
6020
icmp_unreach_ip_id = !0
6021
6022
icmp_unreach_echoed_udp_cksum = OK
6023
icmp_unreach_echoed_ip_cksum = OK
6024
icmp_unreach_echoed_ip_id = OK
6025
icmp_unreach_echoed_total_len = OK
6026
icmp_unreach_echoed_3bit_flags = OK
6027
6028
#Module F [TCP SYN | ACK Module]
6029
#IP header of the TCP SYN ACK
6030
tcp_syn_ack_tos = 0
6031
tcp_syn_ack_df = 1
6032
tcp_syn_ack_ip_id = 0
6033
tcp_syn_ack_ttl = <64
6034
6035
#Information from the TCP header
6036
tcp_syn_ack_ack = 1
6037
tcp_syn_ack_window_size = 5792
6038
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6039
tcp_syn_ack_wscale = 0
6040
tcp_syn_ack_tsval = !0
6041
tcp_syn_ack_tsecr = !0
6042
6043
#Module G [TCP RST|ACK]
6044
tcp_rst_reply = y
6045
tcp_rst_df = 1
6046
tcp_rst_ip_id_1 = 0
6047
tcp_rst_ip_id_2 = 0
6048
tcp_rst_ip_id_strategy = 0
6049
tcp_rst_ttl = <255
6050
}
6051
6052
fingerprint {
6053
OS_ID = "Linux Kernel 2.4.15"
6054
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6055
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6056
#Date: 20 July 2002
6057
#Modified: 08 July 2003
6058
6059
#Module A
6060
icmp_echo_reply = y
6061
6062
6063
icmp_echo_code = !0
6064
icmp_echo_ip_id = !0
6065
icmp_echo_tos_bits = !0
6066
icmp_echo_df_bit = 0
6067
icmp_echo_reply_ttl = <255
6068
6069
#Module B
6070
icmp_timestamp_reply = y
6071
icmp_timestamp_reply_ttl = <255
6072
icmp_timestamp_reply_ip_id = !0
6073
6074
#Module C
6075
icmp_addrmask_reply = n
6076
icmp_addrmask_reply_ttl = <255
6077
icmp_addrmask_reply_ip_id = !0
6078
6079
#Module D
6080
icmp_info_reply = n
6081
icmp_info_reply_ttl = <255
6082
icmp_info_reply_ip_id = !0
6083
6084
#Module E
6085
icmp_unreach_reply = y
6086
icmp_unreach_echoed_dtsize = >64
6087
icmp_unreach_reply_ttl = <255
6088
icmp_unreach_precedence_bits = 0xc0
6089
icmp_unreach_df_bit = 0
6090
icmp_unreach_ip_id = !0
6091
6092
icmp_unreach_echoed_udp_cksum = OK
6093
icmp_unreach_echoed_ip_cksum = OK
6094
icmp_unreach_echoed_ip_id = OK
6095
icmp_unreach_echoed_total_len = OK
6096
icmp_unreach_echoed_3bit_flags = OK
6097
6098
#Module F [TCP SYN | ACK Module]
6099
#IP header of the TCP SYN ACK
6100
tcp_syn_ack_tos = 0
6101
tcp_syn_ack_df = 1
6102
tcp_syn_ack_ip_id = 0
6103
tcp_syn_ack_ttl = <64
6104
6105
#Information from the TCP header
6106
tcp_syn_ack_ack = 1
6107
tcp_syn_ack_window_size = 5792
6108
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6109
tcp_syn_ack_wscale = 0
6110
tcp_syn_ack_tsval = !0
6111
tcp_syn_ack_tsecr = !0
6112
6113
#Module G [TCP RST|ACK]
6114
tcp_rst_reply = y
6115
tcp_rst_df = 1
6116
tcp_rst_ip_id_1 = 0
6117
tcp_rst_ip_id_2 = 0
6118
tcp_rst_ip_id_strategy = 0
6119
tcp_rst_ttl = <255
6120
}
6121
6122
fingerprint {
6123
OS_ID = "Linux Kernel 2.4.14"
6124
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6125
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6126
#Date: 20 July 2002
6127
#Modified: 08 July 2003
6128
6129
#Module A
6130
icmp_echo_reply = y
6131
6132
6133
icmp_echo_code = !0
6134
icmp_echo_ip_id = !0
6135
icmp_echo_tos_bits = !0
6136
icmp_echo_df_bit = 0
6137
icmp_echo_reply_ttl = <255
6138
6139
#Module B
6140
icmp_timestamp_reply = y
6141
icmp_timestamp_reply_ttl = <255
6142
icmp_timestamp_reply_ip_id = !0
6143
6144
#Module C
6145
icmp_addrmask_reply = n
6146
icmp_addrmask_reply_ttl = <255
6147
icmp_addrmask_reply_ip_id = !0
6148
6149
#Module D
6150
icmp_info_reply = n
6151
icmp_info_reply_ttl = <255
6152
icmp_info_reply_ip_id = !0
6153
6154
#Module E
6155
icmp_unreach_reply = y
6156
icmp_unreach_echoed_dtsize = >64
6157
icmp_unreach_reply_ttl = <255
6158
icmp_unreach_precedence_bits = 0xc0
6159
icmp_unreach_df_bit = 0
6160
icmp_unreach_ip_id = !0
6161
6162
icmp_unreach_echoed_udp_cksum = OK
6163
icmp_unreach_echoed_ip_cksum = OK
6164
icmp_unreach_echoed_ip_id = OK
6165
icmp_unreach_echoed_total_len = OK
6166
icmp_unreach_echoed_3bit_flags = OK
6167
6168
#Module F [TCP SYN | ACK Module]
6169
#IP header of the TCP SYN ACK
6170
tcp_syn_ack_tos = 0
6171
tcp_syn_ack_df = 1
6172
tcp_syn_ack_ip_id = 0
6173
tcp_syn_ack_ttl = <64
6174
6175
#Information from the TCP header
6176
tcp_syn_ack_ack = 1
6177
tcp_syn_ack_window_size = 5792
6178
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6179
tcp_syn_ack_wscale = 0
6180
tcp_syn_ack_tsval = !0
6181
tcp_syn_ack_tsecr = !0
6182
6183
#Module G [TCP RST|ACK]
6184
tcp_rst_reply = y
6185
tcp_rst_df = 1
6186
tcp_rst_ip_id_1 = 0
6187
tcp_rst_ip_id_2 = 0
6188
tcp_rst_ip_id_strategy = 0
6189
tcp_rst_ttl = <255
6190
}
6191
6192
fingerprint {
6193
OS_ID = "Linux Kernel 2.4.13"
6194
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6195
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6196
#Date: 20 July 2002
6197
#Modified: 08 July 2003
6198
6199
#Module A
6200
icmp_echo_reply = y
6201
6202
6203
icmp_echo_code = !0
6204
icmp_echo_ip_id = !0
6205
icmp_echo_tos_bits = !0
6206
icmp_echo_df_bit = 0
6207
icmp_echo_reply_ttl = <255
6208
6209
#Module B
6210
icmp_timestamp_reply = y
6211
icmp_timestamp_reply_ttl = <255
6212
icmp_timestamp_reply_ip_id = !0
6213
6214
#Module C
6215
icmp_addrmask_reply = n
6216
icmp_addrmask_reply_ttl = <255
6217
icmp_addrmask_reply_ip_id = !0
6218
6219
#Module D
6220
icmp_info_reply = n
6221
icmp_info_reply_ttl = <255
6222
icmp_info_reply_ip_id = !0
6223
6224
#Module E
6225
icmp_unreach_reply = y
6226
icmp_unreach_echoed_dtsize = >64
6227
icmp_unreach_reply_ttl = <255
6228
icmp_unreach_precedence_bits = 0xc0
6229
icmp_unreach_df_bit = 0
6230
icmp_unreach_ip_id = !0
6231
6232
icmp_unreach_echoed_udp_cksum = OK
6233
icmp_unreach_echoed_ip_cksum = OK
6234
icmp_unreach_echoed_ip_id = OK
6235
icmp_unreach_echoed_total_len = OK
6236
icmp_unreach_echoed_3bit_flags = OK
6237
6238
#Module F [TCP SYN | ACK Module]
6239
#IP header of the TCP SYN ACK
6240
tcp_syn_ack_tos = 0
6241
tcp_syn_ack_df = 1
6242
tcp_syn_ack_ip_id = 0
6243
tcp_syn_ack_ttl = <64
6244
6245
#Information from the TCP header
6246
tcp_syn_ack_ack = 1
6247
tcp_syn_ack_window_size = 5792
6248
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6249
tcp_syn_ack_wscale = 0
6250
tcp_syn_ack_tsval = !0
6251
tcp_syn_ack_tsecr = !0
6252
6253
#Module G [TCP RST|ACK]
6254
tcp_rst_reply = y
6255
tcp_rst_df = 1
6256
tcp_rst_ip_id_1 = 0
6257
tcp_rst_ip_id_2 = 0
6258
tcp_rst_ip_id_strategy = 0
6259
tcp_rst_ttl = <255
6260
}
6261
6262
fingerprint {
6263
OS_ID = "Linux Kernel 2.4.12"
6264
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6265
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6266
#Date: 20 July 2002
6267
#Modified: 08 July 2003
6268
6269
#Module A
6270
icmp_echo_reply = y
6271
6272
6273
icmp_echo_code = !0
6274
icmp_echo_ip_id = !0
6275
icmp_echo_tos_bits = !0
6276
icmp_echo_df_bit = 0
6277
icmp_echo_reply_ttl = <255
6278
6279
#Module B
6280
icmp_timestamp_reply = y
6281
icmp_timestamp_reply_ttl = <255
6282
icmp_timestamp_reply_ip_id = !0
6283
6284
#Module C
6285
icmp_addrmask_reply = n
6286
icmp_addrmask_reply_ttl = <255
6287
icmp_addrmask_reply_ip_id = !0
6288
6289
#Module D
6290
icmp_info_reply = n
6291
icmp_info_reply_ttl = <255
6292
icmp_info_reply_ip_id = !0
6293
6294
#Module E
6295
icmp_unreach_reply = y
6296
icmp_unreach_echoed_dtsize = >64
6297
icmp_unreach_reply_ttl = <255
6298
icmp_unreach_precedence_bits = 0xc0
6299
icmp_unreach_df_bit = 0
6300
icmp_unreach_ip_id = !0
6301
6302
icmp_unreach_echoed_udp_cksum = OK
6303
icmp_unreach_echoed_ip_cksum = OK
6304
icmp_unreach_echoed_ip_id = OK
6305
icmp_unreach_echoed_total_len = OK
6306
icmp_unreach_echoed_3bit_flags = OK
6307
6308
#Module F [TCP SYN | ACK Module]
6309
#IP header of the TCP SYN ACK
6310
tcp_syn_ack_tos = 0
6311
tcp_syn_ack_df = 1
6312
tcp_syn_ack_ip_id = 0
6313
tcp_syn_ack_ttl = <64
6314
6315
#Information from the TCP header
6316
tcp_syn_ack_ack = 1
6317
tcp_syn_ack_window_size = 5792
6318
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6319
tcp_syn_ack_wscale = 0
6320
tcp_syn_ack_tsval = !0
6321
tcp_syn_ack_tsecr = !0
6322
6323
#Module G [TCP RST|ACK]
6324
tcp_rst_reply = y
6325
tcp_rst_df = 1
6326
tcp_rst_ip_id_1 = 0
6327
tcp_rst_ip_id_2 = 0
6328
tcp_rst_ip_id_strategy = 0
6329
tcp_rst_ttl = <255
6330
}
6331
6332
fingerprint {
6333
OS_ID = "Linux Kernel 2.4.11"
6334
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6335
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6336
#Date: 20 July 2002
6337
#Modified: 08 July 2003
6338
6339
#Module A
6340
icmp_echo_reply = y
6341
6342
6343
icmp_echo_code = !0
6344
icmp_echo_ip_id = !0
6345
icmp_echo_tos_bits = !0
6346
icmp_echo_df_bit = 0
6347
icmp_echo_reply_ttl = <255
6348
6349
#Module B
6350
icmp_timestamp_reply = y
6351
icmp_timestamp_reply_ttl = <255
6352
icmp_timestamp_reply_ip_id = !0
6353
6354
#Module C
6355
icmp_addrmask_reply = n
6356
icmp_addrmask_reply_ttl = <255
6357
icmp_addrmask_reply_ip_id = !0
6358
6359
#Module D
6360
icmp_info_reply = n
6361
icmp_info_reply_ttl = <255
6362
icmp_info_reply_ip_id = !0
6363
6364
#Module E
6365
icmp_unreach_reply = y
6366
icmp_unreach_echoed_dtsize = >64
6367
icmp_unreach_reply_ttl = <255
6368
icmp_unreach_precedence_bits = 0xc0
6369
icmp_unreach_df_bit = 0
6370
icmp_unreach_ip_id = !0
6371
6372
icmp_unreach_echoed_udp_cksum = OK
6373
icmp_unreach_echoed_ip_cksum = OK
6374
icmp_unreach_echoed_ip_id = OK
6375
icmp_unreach_echoed_total_len = OK
6376
icmp_unreach_echoed_3bit_flags = OK
6377
6378
#Module F [TCP SYN | ACK Module]
6379
#IP header of the TCP SYN ACK
6380
tcp_syn_ack_tos = 0
6381
tcp_syn_ack_df = 1
6382
tcp_syn_ack_ip_id = 0
6383
tcp_syn_ack_ttl = <64
6384
6385
#Information from the TCP header
6386
tcp_syn_ack_ack = 1
6387
tcp_syn_ack_window_size = 5792
6388
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6389
tcp_syn_ack_wscale = 0
6390
tcp_syn_ack_tsval = !0
6391
tcp_syn_ack_tsecr = !0
6392
6393
#Module G [TCP RST|ACK]
6394
tcp_rst_reply = y
6395
tcp_rst_df = 1
6396
tcp_rst_ip_id_1 = 0
6397
tcp_rst_ip_id_2 = 0
6398
tcp_rst_ip_id_strategy = 0
6399
tcp_rst_ttl = <255
6400
}
6401
6402
fingerprint {
6403
OS_ID = "Linux Kernel 2.4.10"
6404
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6405
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6406
#Date: 20 July 2002
6407
#Modified: 08 July 2003
6408
6409
#Module A
6410
icmp_echo_reply = y
6411
6412
6413
icmp_echo_code = !0
6414
icmp_echo_ip_id = !0
6415
icmp_echo_tos_bits = !0
6416
icmp_echo_df_bit = 0
6417
icmp_echo_reply_ttl = <255
6418
6419
#Module B
6420
icmp_timestamp_reply = y
6421
icmp_timestamp_reply_ttl = <255
6422
icmp_timestamp_reply_ip_id = !0
6423
6424
#Module C
6425
icmp_addrmask_reply = n
6426
icmp_addrmask_reply_ttl = <255
6427
icmp_addrmask_reply_ip_id = !0
6428
6429
#Module D
6430
icmp_info_reply = n
6431
icmp_info_reply_ttl = <255
6432
icmp_info_reply_ip_id = !0
6433
6434
#Module E
6435
icmp_unreach_reply = y
6436
icmp_unreach_echoed_dtsize = >64
6437
icmp_unreach_reply_ttl = <255
6438
icmp_unreach_precedence_bits = 0xc0
6439
icmp_unreach_df_bit = 0
6440
icmp_unreach_ip_id = !0
6441
6442
icmp_unreach_echoed_udp_cksum = OK
6443
icmp_unreach_echoed_ip_cksum = OK
6444
icmp_unreach_echoed_ip_id = OK
6445
icmp_unreach_echoed_total_len = OK
6446
icmp_unreach_echoed_3bit_flags = OK
6447
6448
#Module F [TCP SYN | ACK Module]
6449
#IP header of the TCP SYN ACK
6450
tcp_syn_ack_tos = 0
6451
tcp_syn_ack_df = 1
6452
tcp_syn_ack_ip_id = 0
6453
tcp_syn_ack_ttl = <64
6454
6455
#Information from the TCP header
6456
tcp_syn_ack_ack = 1
6457
tcp_syn_ack_window_size = 5792
6458
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6459
tcp_syn_ack_wscale = 0
6460
tcp_syn_ack_tsval = !0
6461
tcp_syn_ack_tsecr = !0
6462
6463
#Module G [TCP RST|ACK]
6464
tcp_rst_reply = y
6465
tcp_rst_df = 1
6466
tcp_rst_ip_id_1 = 0
6467
tcp_rst_ip_id_2 = 0
6468
tcp_rst_ip_id_strategy = 0
6469
tcp_rst_ttl = <255
6470
}
6471
6472
fingerprint {
6473
OS_ID = "Linux Kernel 2.4.9"
6474
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6475
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6476
#Date: 20 July 2002
6477
#Modified: 08 July 2003
6478
6479
#Module A
6480
icmp_echo_reply = y
6481
6482
6483
icmp_echo_code = !0
6484
icmp_echo_ip_id = !0
6485
icmp_echo_tos_bits = !0
6486
icmp_echo_df_bit = 0
6487
icmp_echo_reply_ttl = <255
6488
6489
#Module B
6490
icmp_timestamp_reply = y
6491
icmp_timestamp_reply_ttl = <255
6492
icmp_timestamp_reply_ip_id = !0
6493
6494
#Module C
6495
icmp_addrmask_reply = n
6496
icmp_addrmask_reply_ttl = <255
6497
icmp_addrmask_reply_ip_id = !0
6498
6499
#Module D
6500
icmp_info_reply = n
6501
icmp_info_reply_ttl = <255
6502
icmp_info_reply_ip_id = !0
6503
6504
#Module E
6505
icmp_unreach_reply = y
6506
icmp_unreach_echoed_dtsize = >64
6507
icmp_unreach_reply_ttl = <255
6508
icmp_unreach_precedence_bits = 0xc0
6509
icmp_unreach_df_bit = 0
6510
icmp_unreach_ip_id = !0
6511
6512
icmp_unreach_echoed_udp_cksum = OK
6513
icmp_unreach_echoed_ip_cksum = OK
6514
icmp_unreach_echoed_ip_id = OK
6515
icmp_unreach_echoed_total_len = OK
6516
icmp_unreach_echoed_3bit_flags = OK
6517
6518
#Module F [TCP SYN | ACK Module]
6519
#IP header of the TCP SYN ACK
6520
tcp_syn_ack_tos = 0
6521
tcp_syn_ack_df = 1
6522
tcp_syn_ack_ip_id = 0
6523
tcp_syn_ack_ttl = <64
6524
6525
#Information from the TCP header
6526
tcp_syn_ack_ack = 1
6527
tcp_syn_ack_window_size = 5792
6528
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6529
tcp_syn_ack_wscale = 0
6530
tcp_syn_ack_tsval = !0
6531
tcp_syn_ack_tsecr = !0
6532
6533
#Module G [TCP RST|ACK]
6534
tcp_rst_reply = y
6535
tcp_rst_df = 1
6536
tcp_rst_ip_id_1 = 0
6537
tcp_rst_ip_id_2 = 0
6538
tcp_rst_ip_id_strategy = 0
6539
tcp_rst_ttl = <255
6540
}
6541
6542
fingerprint {
6543
OS_ID = "Linux Kernel 2.4.8"
6544
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6545
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6546
#Date: 20 July 2002
6547
#Modified: 08 July 2003
6548
6549
#Module A
6550
icmp_echo_reply = y
6551
6552
6553
icmp_echo_code = !0
6554
icmp_echo_ip_id = !0
6555
icmp_echo_tos_bits = !0
6556
icmp_echo_df_bit = 0
6557
icmp_echo_reply_ttl = <255
6558
6559
#Module B
6560
icmp_timestamp_reply = y
6561
icmp_timestamp_reply_ttl = <255
6562
icmp_timestamp_reply_ip_id = !0
6563
6564
#Module C
6565
icmp_addrmask_reply = n
6566
icmp_addrmask_reply_ttl = <255
6567
icmp_addrmask_reply_ip_id = !0
6568
6569
#Module D
6570
icmp_info_reply = n
6571
icmp_info_reply_ttl = <255
6572
icmp_info_reply_ip_id = !0
6573
6574
#Module E
6575
icmp_unreach_reply = y
6576
icmp_unreach_echoed_dtsize = >64
6577
icmp_unreach_reply_ttl = <255
6578
icmp_unreach_precedence_bits = 0xc0
6579
icmp_unreach_df_bit = 0
6580
icmp_unreach_ip_id = !0
6581
6582
icmp_unreach_echoed_udp_cksum = OK
6583
icmp_unreach_echoed_ip_cksum = OK
6584
icmp_unreach_echoed_ip_id = OK
6585
icmp_unreach_echoed_total_len = OK
6586
icmp_unreach_echoed_3bit_flags = OK
6587
6588
#Module F [TCP SYN | ACK Module]
6589
#IP header of the TCP SYN ACK
6590
tcp_syn_ack_tos = 0
6591
tcp_syn_ack_df = 1
6592
tcp_syn_ack_ip_id = 0
6593
tcp_syn_ack_ttl = <64
6594
6595
#Information from the TCP header
6596
tcp_syn_ack_ack = 1
6597
tcp_syn_ack_window_size = 5792
6598
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6599
tcp_syn_ack_wscale = 0
6600
tcp_syn_ack_tsval = !0
6601
tcp_syn_ack_tsecr = !0
6602
6603
#Module G [TCP RST|ACK]
6604
tcp_rst_reply = y
6605
tcp_rst_df = 1
6606
tcp_rst_ip_id_1 = 0
6607
tcp_rst_ip_id_2 = 0
6608
tcp_rst_ip_id_strategy = 0
6609
tcp_rst_ttl = <255
6610
}
6611
6612
fingerprint {
6613
OS_ID = "Linux Kernel 2.4.7"
6614
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6615
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6616
#Date: 20 July 2002
6617
#Modified: 07 July 2003
6618
6619
#Module A
6620
icmp_echo_reply = y
6621
6622
6623
icmp_echo_code = !0
6624
icmp_echo_ip_id = !0
6625
icmp_echo_tos_bits = !0
6626
icmp_echo_df_bit = 0
6627
icmp_echo_reply_ttl = <255
6628
6629
#Module B
6630
icmp_timestamp_reply = y
6631
icmp_timestamp_reply_ttl = <255
6632
icmp_timestamp_reply_ip_id = !0
6633
6634
#Module C
6635
icmp_addrmask_reply = n
6636
icmp_addrmask_reply_ttl = <255
6637
icmp_addrmask_reply_ip_id = !0
6638
6639
#Module D
6640
icmp_info_reply = n
6641
icmp_info_reply_ttl = <255
6642
icmp_info_reply_ip_id = !0
6643
6644
#Module E
6645
icmp_unreach_reply = y
6646
icmp_unreach_echoed_dtsize = >64
6647
icmp_unreach_reply_ttl = <255
6648
icmp_unreach_precedence_bits = 0xc0
6649
icmp_unreach_df_bit = 0
6650
icmp_unreach_ip_id = !0
6651
6652
icmp_unreach_echoed_udp_cksum = OK
6653
icmp_unreach_echoed_ip_cksum = OK
6654
icmp_unreach_echoed_ip_id = OK
6655
icmp_unreach_echoed_total_len = OK
6656
icmp_unreach_echoed_3bit_flags = OK
6657
6658
#Module F [TCP SYN | ACK Module]
6659
#IP header of the TCP SYN ACK
6660
tcp_syn_ack_tos = 0
6661
tcp_syn_ack_df = 1
6662
tcp_syn_ack_ip_id = 0
6663
tcp_syn_ack_ttl = <64
6664
6665
#Information from the TCP header
6666
tcp_syn_ack_ack = 1
6667
tcp_syn_ack_window_size = 5792
6668
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6669
tcp_syn_ack_wscale = 0
6670
tcp_syn_ack_tsval = !0
6671
tcp_syn_ack_tsecr = !0
6672
6673
#Module G [TCP RST|ACK]
6674
tcp_rst_reply = y
6675
tcp_rst_df = 1
6676
tcp_rst_ip_id_1 = 0
6677
tcp_rst_ip_id_2 = 0
6678
tcp_rst_ip_id_strategy = 0
6679
tcp_rst_ttl = <255
6680
}
6681
6682
fingerprint {
6683
OS_ID = "Linux Kernel 2.4.6"
6684
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6685
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6686
#Date: 20 July 2002
6687
#Modified: 07 July 2003
6688
6689
#Module A
6690
icmp_echo_reply = y
6691
6692
6693
icmp_echo_code = !0
6694
icmp_echo_ip_id = !0
6695
icmp_echo_tos_bits = !0
6696
icmp_echo_df_bit = 0
6697
icmp_echo_reply_ttl = <255
6698
6699
#Module B
6700
icmp_timestamp_reply = y
6701
icmp_timestamp_reply_ttl = <255
6702
icmp_timestamp_reply_ip_id = !0
6703
6704
#Module C
6705
icmp_addrmask_reply = n
6706
icmp_addrmask_reply_ttl = <255
6707
icmp_addrmask_reply_ip_id = !0
6708
6709
#Module D
6710
icmp_info_reply = n
6711
icmp_info_reply_ttl = <255
6712
icmp_info_reply_ip_id = !0
6713
6714
#Module E
6715
icmp_unreach_reply = y
6716
icmp_unreach_echoed_dtsize = >64
6717
icmp_unreach_reply_ttl = <255
6718
icmp_unreach_precedence_bits = 0xc0
6719
icmp_unreach_df_bit = 0
6720
icmp_unreach_ip_id = !0
6721
6722
icmp_unreach_echoed_udp_cksum = OK
6723
icmp_unreach_echoed_ip_cksum = OK
6724
icmp_unreach_echoed_ip_id = OK
6725
icmp_unreach_echoed_total_len = OK
6726
icmp_unreach_echoed_3bit_flags = OK
6727
6728
#Module F [TCP SYN | ACK Module]
6729
#IP header of the TCP SYN ACK
6730
tcp_syn_ack_tos = 0
6731
tcp_syn_ack_df = 1
6732
tcp_syn_ack_ip_id = 0
6733
tcp_syn_ack_ttl = <64
6734
6735
#Information from the TCP header
6736
tcp_syn_ack_ack = 1
6737
tcp_syn_ack_window_size = 5792
6738
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6739
tcp_syn_ack_wscale = 0
6740
tcp_syn_ack_tsval = !0
6741
tcp_syn_ack_tsecr = !0
6742
6743
#Module G [TCP RST|ACK]
6744
tcp_rst_reply = y
6745
tcp_rst_df = 1
6746
tcp_rst_ip_id_1 = 0
6747
tcp_rst_ip_id_2 = 0
6748
tcp_rst_ip_id_strategy = 0
6749
tcp_rst_ttl = <255
6750
}
6751
6752
fingerprint {
6753
OS_ID = "Linux Kernel 2.4.5"
6754
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6755
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6756
#Date: 20 July 2002
6757
#Modified: 07 July 2003
6758
6759
#Module A
6760
icmp_echo_reply = y
6761
6762
6763
icmp_echo_code = !0
6764
icmp_echo_ip_id = !0
6765
icmp_echo_tos_bits = !0
6766
icmp_echo_df_bit = 0
6767
icmp_echo_reply_ttl = <255
6768
6769
#Module B
6770
icmp_timestamp_reply = y
6771
icmp_timestamp_reply_ttl = <255
6772
icmp_timestamp_reply_ip_id = !0
6773
6774
#Module C
6775
icmp_addrmask_reply = n
6776
icmp_addrmask_reply_ttl = <255
6777
icmp_addrmask_reply_ip_id = !0
6778
6779
#Module D
6780
icmp_info_reply = n
6781
icmp_info_reply_ttl = <255
6782
icmp_info_reply_ip_id = !0
6783
6784
#Module E
6785
icmp_unreach_reply = y
6786
icmp_unreach_echoed_dtsize = >64
6787
icmp_unreach_reply_ttl = <255
6788
icmp_unreach_precedence_bits = 0xc0
6789
icmp_unreach_df_bit = 0
6790
icmp_unreach_ip_id = !0
6791
6792
icmp_unreach_echoed_udp_cksum = OK
6793
icmp_unreach_echoed_ip_cksum = OK
6794
icmp_unreach_echoed_ip_id = OK
6795
icmp_unreach_echoed_total_len = OK
6796
icmp_unreach_echoed_3bit_flags = OK
6797
6798
#Module F [TCP SYN | ACK Module]
6799
#IP header of the TCP SYN ACK
6800
tcp_syn_ack_tos = 0
6801
tcp_syn_ack_df = 1
6802
tcp_syn_ack_ip_id = 0
6803
tcp_syn_ack_ttl = <64
6804
6805
#Information from the TCP header
6806
tcp_syn_ack_ack = 1
6807
tcp_syn_ack_window_size = 5792
6808
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6809
tcp_syn_ack_wscale = 0
6810
tcp_syn_ack_tsval = !0
6811
tcp_syn_ack_tsecr = !0
6812
6813
#Module G [TCP RST|ACK]
6814
tcp_rst_reply = y
6815
tcp_rst_df = 1
6816
tcp_rst_ip_id_1 = 0
6817
tcp_rst_ip_id_2 = 0
6818
tcp_rst_ip_id_strategy = 0
6819
tcp_rst_ttl = <255
6820
}
6821
6822
fingerprint {
6823
OS_ID = "Linux Kernel 2.4.4 (I)"
6824
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6825
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6826
#Date: 15 February 2005
6827
#Modified: -
6828
6829
#Module A
6830
icmp_echo_reply = y
6831
icmp_echo_code = !0
6832
icmp_echo_ip_id = 0
6833
icmp_echo_tos_bits = !0
6834
icmp_echo_df_bit = 1
6835
icmp_echo_reply_ttl = <255
6836
6837
#Module B
6838
icmp_timestamp_reply = y
6839
icmp_timestamp_reply_ttl = <255
6840
icmp_timestamp_reply_ip_id = 0
6841
6842
#Module C
6843
icmp_addrmask_reply = n
6844
icmp_addrmask_reply_ttl = <255
6845
icmp_addrmask_reply_ip_id = 0
6846
6847
#Module D
6848
icmp_info_reply = n
6849
icmp_info_reply_ttl = <255
6850
icmp_info_reply_ip_id = 0
6851
6852
#Module E
6853
icmp_unreach_reply = y
6854
icmp_unreach_echoed_dtsize = >64
6855
icmp_unreach_reply_ttl = <255
6856
icmp_unreach_precedence_bits = 0xc0
6857
icmp_unreach_df_bit = 1
6858
icmp_unreach_ip_id = !0
6859
6860
icmp_unreach_echoed_udp_cksum = OK
6861
icmp_unreach_echoed_ip_cksum = OK
6862
icmp_unreach_echoed_ip_id = OK
6863
icmp_unreach_echoed_total_len = OK
6864
icmp_unreach_echoed_3bit_flags = OK
6865
6866
#Module F [TCP SYN | ACK Module]
6867
#IP header of the TCP SYN ACK
6868
tcp_syn_ack_tos = 0
6869
tcp_syn_ack_df = 1
6870
tcp_syn_ack_ip_id = 0
6871
tcp_syn_ack_ttl = <64
6872
6873
#Information from the TCP header
6874
tcp_syn_ack_ack = 1
6875
tcp_syn_ack_window_size = 5792
6876
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6877
tcp_syn_ack_wscale = 0
6878
tcp_syn_ack_tsval = !0
6879
tcp_syn_ack_tsecr = !0
6880
6881
#Module G [TCP RST|ACK]
6882
tcp_rst_reply = y
6883
tcp_rst_df = 1
6884
tcp_rst_ip_id_1 = 0
6885
tcp_rst_ip_id_2 = 0
6886
tcp_rst_ip_id_strategy = 0
6887
tcp_rst_ttl = <255
6888
}
6889
6890
fingerprint {
6891
OS_ID = "Linux Kernel 2.4.4"
6892
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6893
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6894
#Date: 20 July 2002
6895
#Modified: 07 July 2003
6896
6897
#Module A
6898
icmp_echo_reply = y
6899
icmp_echo_code = !0
6900
icmp_echo_ip_id = 0
6901
icmp_echo_tos_bits = !0
6902
icmp_echo_df_bit = 1
6903
icmp_echo_reply_ttl = <255
6904
6905
#Module B
6906
icmp_timestamp_reply = y
6907
icmp_timestamp_reply_ttl = <255
6908
icmp_timestamp_reply_ip_id = 0
6909
6910
#Module C
6911
icmp_addrmask_reply = n
6912
icmp_addrmask_reply_ttl = <255
6913
icmp_addrmask_reply_ip_id = 0
6914
6915
#Module D
6916
icmp_info_reply = n
6917
icmp_info_reply_ttl = <255
6918
icmp_info_reply_ip_id = 0
6919
6920
#Module E
6921
icmp_unreach_reply = y
6922
icmp_unreach_echoed_dtsize = >64
6923
icmp_unreach_reply_ttl = <255
6924
icmp_unreach_precedence_bits = 0xc0
6925
icmp_unreach_df_bit = 1
6926
icmp_unreach_ip_id = 0
6927
6928
icmp_unreach_echoed_udp_cksum = OK
6929
icmp_unreach_echoed_ip_cksum = OK
6930
icmp_unreach_echoed_ip_id = OK
6931
icmp_unreach_echoed_total_len = OK
6932
icmp_unreach_echoed_3bit_flags = OK
6933
6934
#Module F [TCP SYN | ACK Module]
6935
#IP header of the TCP SYN ACK
6936
tcp_syn_ack_tos = 0
6937
tcp_syn_ack_df = 1
6938
tcp_syn_ack_ip_id = 0
6939
tcp_syn_ack_ttl = <64
6940
6941
#Information from the TCP header
6942
tcp_syn_ack_ack = 1
6943
tcp_syn_ack_window_size = 5792
6944
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
6945
tcp_syn_ack_wscale = 0
6946
tcp_syn_ack_tsval = !0
6947
tcp_syn_ack_tsecr = !0
6948
6949
#Module G [TCP RST|ACK]
6950
tcp_rst_reply = y
6951
tcp_rst_df = 1
6952
tcp_rst_ip_id_1 = 0
6953
tcp_rst_ip_id_2 = 0
6954
tcp_rst_ip_id_strategy = 0
6955
tcp_rst_ttl = <255
6956
}
6957
6958
fingerprint {
6959
OS_ID = "Linux Kernel 2.4.3"
6960
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
6961
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
6962
#Date: 20 July 2002
6963
#Modified: 07 July 2003
6964
6965
#Module A
6966
icmp_echo_reply = y
6967
icmp_echo_code = !0
6968
icmp_echo_ip_id = 0
6969
icmp_echo_tos_bits = !0
6970
icmp_echo_df_bit = 1
6971
icmp_echo_reply_ttl = <255
6972
6973
#Module B
6974
icmp_timestamp_reply = y
6975
icmp_timestamp_reply_ttl = <255
6976
icmp_timestamp_reply_ip_id = 0
6977
6978
#Module C
6979
icmp_addrmask_reply = n
6980
icmp_addrmask_reply_ttl = <255
6981
icmp_addrmask_reply_ip_id = 0
6982
6983
#Module D
6984
icmp_info_reply = n
6985
icmp_info_reply_ttl = <255
6986
icmp_info_reply_ip_id = 0
6987
6988
#Module E
6989
icmp_unreach_reply = y
6990
icmp_unreach_echoed_dtsize = >64
6991
icmp_unreach_reply_ttl = <255
6992
icmp_unreach_precedence_bits = 0xc0
6993
icmp_unreach_df_bit = 1
6994
icmp_unreach_ip_id = 0
6995
6996
icmp_unreach_echoed_udp_cksum = OK
6997
icmp_unreach_echoed_ip_cksum = OK
6998
icmp_unreach_echoed_ip_id = OK
6999
icmp_unreach_echoed_total_len = OK
7000
icmp_unreach_echoed_3bit_flags = OK
7001
7002
#Module F [TCP SYN | ACK Module]
7003
#IP header of the TCP SYN ACK
7004
tcp_syn_ack_tos = 0
7005
tcp_syn_ack_df = 1
7006
tcp_syn_ack_ip_id = 0
7007
tcp_syn_ack_ttl = <64
7008
7009
#Information from the TCP header
7010
tcp_syn_ack_ack = 1
7011
tcp_syn_ack_window_size = 5792
7012
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7013
tcp_syn_ack_wscale = 0
7014
tcp_syn_ack_tsval = !0
7015
tcp_syn_ack_tsecr = !0
7016
7017
#Module G [TCP RST|ACK]
7018
tcp_rst_reply = y
7019
tcp_rst_df = 1
7020
tcp_rst_ip_id_1 = 0
7021
tcp_rst_ip_id_2 = 0
7022
tcp_rst_ip_id_strategy = 0
7023
tcp_rst_ttl = <255
7024
}
7025
7026
fingerprint {
7027
OS_ID = "Linux Kernel 2.4.2"
7028
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7029
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
7030
#Date: 20 July 2002
7031
#Modified: 07 July 2003
7032
7033
#Module A
7034
icmp_echo_reply = y
7035
icmp_echo_code = !0
7036
icmp_echo_ip_id = 0
7037
icmp_echo_tos_bits = !0
7038
icmp_echo_df_bit = 1
7039
icmp_echo_reply_ttl = <255
7040
7041
#Module B
7042
icmp_timestamp_reply = y
7043
icmp_timestamp_reply_ttl = <255
7044
icmp_timestamp_reply_ip_id = 0
7045
7046
#Module C
7047
icmp_addrmask_reply = n
7048
icmp_addrmask_reply_ttl = <255
7049
icmp_addrmask_reply_ip_id = 0
7050
7051
#Module D
7052
icmp_info_reply = n
7053
icmp_info_reply_ttl = <255
7054
icmp_info_reply_ip_id = 0
7055
7056
#Module E
7057
icmp_unreach_reply = y
7058
icmp_unreach_echoed_dtsize = >64
7059
icmp_unreach_reply_ttl = <255
7060
icmp_unreach_precedence_bits = 0xc0
7061
icmp_unreach_df_bit = 1
7062
icmp_unreach_ip_id = 0
7063
7064
icmp_unreach_echoed_udp_cksum = OK
7065
icmp_unreach_echoed_ip_cksum = OK
7066
icmp_unreach_echoed_ip_id = OK
7067
icmp_unreach_echoed_total_len = OK
7068
icmp_unreach_echoed_3bit_flags = OK
7069
7070
#Module F [TCP SYN | ACK Module]
7071
#IP header of the TCP SYN ACK
7072
tcp_syn_ack_tos = 0
7073
tcp_syn_ack_df = 1
7074
tcp_syn_ack_ip_id = 0
7075
tcp_syn_ack_ttl = <64
7076
7077
#Information from the TCP header
7078
tcp_syn_ack_ack = 1
7079
tcp_syn_ack_window_size = 5792
7080
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7081
tcp_syn_ack_wscale = 0
7082
tcp_syn_ack_tsval = !0
7083
tcp_syn_ack_tsecr = !0
7084
7085
#Module G [TCP RST|ACK]
7086
tcp_rst_reply = y
7087
tcp_rst_df = 1
7088
tcp_rst_ip_id_1 = 0
7089
tcp_rst_ip_id_2 = 0
7090
tcp_rst_ip_id_strategy = 0
7091
tcp_rst_ttl = <255
7092
}
7093
7094
fingerprint {
7095
OS_ID = "Linux Kernel 2.4.1"
7096
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7097
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
7098
#Date: 20 July 2002
7099
#Modified: 07 July 2003
7100
7101
#Module A
7102
icmp_echo_reply = y
7103
icmp_echo_code = !0
7104
icmp_echo_ip_id = 0
7105
icmp_echo_tos_bits = !0
7106
icmp_echo_df_bit = 1
7107
icmp_echo_reply_ttl = <255
7108
7109
#Module B
7110
icmp_timestamp_reply = y
7111
icmp_timestamp_reply_ttl = <255
7112
icmp_timestamp_reply_ip_id = 0
7113
7114
#Module C
7115
icmp_addrmask_reply = n
7116
icmp_addrmask_reply_ttl = <255
7117
icmp_addrmask_reply_ip_id = 0
7118
7119
#Module D
7120
icmp_info_reply = n
7121
icmp_info_reply_ttl = <255
7122
icmp_info_reply_ip_id = 0
7123
7124
#Module E
7125
icmp_unreach_reply = y
7126
icmp_unreach_echoed_dtsize = >64
7127
icmp_unreach_reply_ttl = <255
7128
icmp_unreach_precedence_bits = 0xc0
7129
icmp_unreach_df_bit = 1
7130
icmp_unreach_ip_id = 0
7131
7132
icmp_unreach_echoed_udp_cksum = OK
7133
icmp_unreach_echoed_ip_cksum = OK
7134
icmp_unreach_echoed_ip_id = OK
7135
icmp_unreach_echoed_total_len = OK
7136
icmp_unreach_echoed_3bit_flags = OK
7137
7138
#Module F [TCP SYN | ACK Module]
7139
#IP header of the TCP SYN ACK
7140
tcp_syn_ack_tos = 0
7141
tcp_syn_ack_df = 1
7142
tcp_syn_ack_ip_id = 0
7143
tcp_syn_ack_ttl = <64
7144
7145
#Information from the TCP header
7146
tcp_syn_ack_ack = 1
7147
tcp_syn_ack_window_size = 5792
7148
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7149
tcp_syn_ack_wscale = 0
7150
tcp_syn_ack_tsval = !0
7151
tcp_syn_ack_tsecr = !0
7152
7153
#Module G [TCP RST|ACK]
7154
tcp_rst_reply = y
7155
tcp_rst_df = 1
7156
tcp_rst_ip_id_1 = 0
7157
tcp_rst_ip_id_2 = 0
7158
tcp_rst_ip_id_strategy = 0
7159
tcp_rst_ttl = <255
7160
}
7161
7162
fingerprint {
7163
OS_ID = "Linux Kernel 2.4.0"
7164
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7165
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
7166
#Date: 20 July 2002
7167
#Modified: 07 July 2003
7168
7169
#Module A
7170
icmp_echo_reply = y
7171
icmp_echo_code = !0
7172
icmp_echo_ip_id = 0
7173
icmp_echo_tos_bits = !0
7174
icmp_echo_df_bit = 1
7175
icmp_echo_reply_ttl = <255
7176
7177
#Module B
7178
icmp_timestamp_reply = y
7179
icmp_timestamp_reply_ttl = <255
7180
icmp_timestamp_reply_ip_id = 0
7181
7182
#Module C
7183
icmp_addrmask_reply = n
7184
icmp_addrmask_reply_ttl = <255
7185
icmp_addrmask_reply_ip_id = 0
7186
7187
#Module D
7188
icmp_info_reply = n
7189
icmp_info_reply_ttl = <255
7190
icmp_info_reply_ip_id = 0
7191
7192
#Module E
7193
icmp_unreach_reply = y
7194
icmp_unreach_echoed_dtsize = >64
7195
icmp_unreach_reply_ttl = <255
7196
icmp_unreach_precedence_bits = 0xc0
7197
icmp_unreach_df_bit = 1
7198
icmp_unreach_ip_id = 0
7199
7200
icmp_unreach_echoed_udp_cksum = OK
7201
icmp_unreach_echoed_ip_cksum = OK
7202
icmp_unreach_echoed_ip_id = OK
7203
icmp_unreach_echoed_total_len = OK
7204
icmp_unreach_echoed_3bit_flags = OK
7205
7206
#Module F [TCP SYN | ACK Module]
7207
#IP header of the TCP SYN ACK
7208
tcp_syn_ack_tos = 0
7209
tcp_syn_ack_df = 1
7210
tcp_syn_ack_ip_id = 0
7211
tcp_syn_ack_ttl = <64
7212
7213
#Information from the TCP header
7214
tcp_syn_ack_ack = 1
7215
tcp_syn_ack_window_size = 5792
7216
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7217
tcp_syn_ack_wscale = 0
7218
tcp_syn_ack_tsval = !0
7219
tcp_syn_ack_tsecr = !0
7220
7221
#Module G [TCP RST|ACK]
7222
tcp_rst_reply = y
7223
tcp_rst_df = 1
7224
tcp_rst_ip_id_1 = 0
7225
tcp_rst_ip_id_2 = 0
7226
tcp_rst_ip_id_strategy = 0
7227
tcp_rst_ttl = <255
7228
}
7229
7230
fingerprint {
7231
OS_ID = "Linux Kernel 2.2.26"
7232
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7233
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7234
#Date: 19 December 2003
7235
#Modified:
7236
7237
#Module A [ICMP ECHO Probe]
7238
icmp_echo_reply = y
7239
icmp_echo_code = !0
7240
icmp_echo_ip_id = !0
7241
icmp_echo_tos_bits = !0
7242
icmp_echo_df_bit = 0
7243
icmp_echo_reply_ttl = <255
7244
7245
#Module B [ICMP Timestamp Probe]
7246
icmp_timestamp_reply = y
7247
icmp_timestamp_reply_ttl = <255
7248
icmp_timestamp_reply_ip_id = !0
7249
7250
#Module C [ICMP Address Mask Request Probe]
7251
icmp_addrmask_reply = n
7252
icmp_addrmask_reply_ttl = <255
7253
icmp_addrmask_reply_ip_id = !0
7254
7255
#Module D [ICMP Information Request Probe]
7256
icmp_info_reply = n
7257
icmp_info_reply_ttl = <255
7258
icmp_info_reply_ip_id = !0
7259
7260
#Module E [UDP -> ICMP Unreachable probe]
7261
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7262
icmp_unreach_reply = y
7263
icmp_unreach_echoed_dtsize = >64
7264
icmp_unreach_reply_ttl = <255
7265
icmp_unreach_precedence_bits = 0xc0
7266
icmp_unreach_df_bit = 0
7267
icmp_unreach_ip_id = !0
7268
7269
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7270
icmp_unreach_echoed_udp_cksum = OK
7271
icmp_unreach_echoed_ip_cksum = OK
7272
icmp_unreach_echoed_ip_id = OK
7273
icmp_unreach_echoed_total_len = OK
7274
icmp_unreach_echoed_3bit_flags = OK
7275
7276
#Module F [TCP SYN | ACK Module]
7277
#IP header of the TCP SYN ACK
7278
tcp_syn_ack_tos = 0
7279
tcp_syn_ack_df = 1
7280
tcp_syn_ack_ip_id = !0
7281
tcp_syn_ack_ttl = <64
7282
7283
#Information from the TCP header
7284
tcp_syn_ack_ack = 1
7285
tcp_syn_ack_window_size = 32120
7286
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7287
tcp_syn_ack_wscale = 0
7288
tcp_syn_ack_tsval = !0
7289
tcp_syn_ack_tsecr = !0
7290
7291
#Module G [TCP RST|ACK]
7292
tcp_rst_reply = y
7293
tcp_rst_df = 0
7294
tcp_rst_ip_id_1 = !0
7295
tcp_rst_ip_id_2 = !0
7296
tcp_rst_ip_id_strategy = I
7297
tcp_rst_ttl = <255
7298
}
7299
7300
fingerprint {
7301
OS_ID = "Linux Kernel 2.2.25"
7302
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7303
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7304
#Date: 02 July 2003
7305
#Modified: 02 July 2003
7306
7307
#Module A [ICMP ECHO Probe]
7308
icmp_echo_reply = y
7309
7310
7311
icmp_echo_code = !0
7312
icmp_echo_ip_id = !0
7313
icmp_echo_tos_bits = !0
7314
icmp_echo_df_bit = 0
7315
icmp_echo_reply_ttl = <255
7316
7317
#Module B [ICMP Timestamp Probe]
7318
icmp_timestamp_reply = y
7319
icmp_timestamp_reply_ttl = <255
7320
icmp_timestamp_reply_ip_id = !0
7321
7322
#Module C [ICMP Address Mask Request Probe]
7323
icmp_addrmask_reply = n
7324
icmp_addrmask_reply_ttl = <255
7325
icmp_addrmask_reply_ip_id = !0
7326
7327
#Module D [ICMP Information Request Probe]
7328
icmp_info_reply = n
7329
icmp_info_reply_ttl = <255
7330
icmp_info_reply_ip_id = !0
7331
7332
#Module E [UDP -> ICMP Unreachable probe]
7333
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7334
icmp_unreach_reply = y
7335
icmp_unreach_echoed_dtsize = >64
7336
icmp_unreach_reply_ttl = <255
7337
icmp_unreach_precedence_bits = 0xc0
7338
icmp_unreach_df_bit = 0
7339
icmp_unreach_ip_id = !0
7340
7341
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7342
icmp_unreach_echoed_udp_cksum = OK
7343
icmp_unreach_echoed_ip_cksum = OK
7344
icmp_unreach_echoed_ip_id = OK
7345
icmp_unreach_echoed_total_len = OK
7346
icmp_unreach_echoed_3bit_flags = OK
7347
7348
#Module F [TCP SYN | ACK Module]
7349
#IP header of the TCP SYN ACK
7350
tcp_syn_ack_tos = 0
7351
tcp_syn_ack_df = 1
7352
tcp_syn_ack_ip_id = !0
7353
tcp_syn_ack_ttl = <64
7354
7355
#Information from the TCP header
7356
tcp_syn_ack_ack = 1
7357
tcp_syn_ack_window_size = 32120
7358
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7359
tcp_syn_ack_wscale = 0
7360
tcp_syn_ack_tsval = !0
7361
tcp_syn_ack_tsecr = !0
7362
7363
#Module G [TCP RST|ACK]
7364
tcp_rst_reply = y
7365
tcp_rst_df = 0
7366
tcp_rst_ip_id_1 = !0
7367
tcp_rst_ip_id_2 = !0
7368
tcp_rst_ip_id_strategy = I
7369
tcp_rst_ttl = <255
7370
}
7371
7372
fingerprint {
7373
OS_ID = "Linux Kernel 2.2.24"
7374
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7375
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7376
#Date: 02 July 2003
7377
#Modified: 02 July 2003
7378
7379
#Module A [ICMP ECHO Probe]
7380
icmp_echo_reply = y
7381
7382
7383
icmp_echo_code = !0
7384
icmp_echo_ip_id = !0
7385
icmp_echo_tos_bits = !0
7386
icmp_echo_df_bit = 0
7387
icmp_echo_reply_ttl = <255
7388
7389
#Module B [ICMP Timestamp Probe]
7390
icmp_timestamp_reply = y
7391
icmp_timestamp_reply_ttl = <255
7392
icmp_timestamp_reply_ip_id = !0
7393
7394
#Module C [ICMP Address Mask Request Probe]
7395
icmp_addrmask_reply = n
7396
icmp_addrmask_reply_ttl = <255
7397
icmp_addrmask_reply_ip_id = !0
7398
7399
#Module D [ICMP Information Request Probe]
7400
icmp_info_reply = n
7401
icmp_info_reply_ttl = <255
7402
icmp_info_reply_ip_id = !0
7403
7404
#Module E [UDP -> ICMP Unreachable probe]
7405
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7406
icmp_unreach_reply = y
7407
icmp_unreach_echoed_dtsize = >64
7408
icmp_unreach_reply_ttl = <255
7409
icmp_unreach_precedence_bits = 0xc0
7410
icmp_unreach_df_bit = 0
7411
icmp_unreach_ip_id = !0
7412
7413
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7414
icmp_unreach_echoed_udp_cksum = OK
7415
icmp_unreach_echoed_ip_cksum = OK
7416
icmp_unreach_echoed_ip_id = OK
7417
icmp_unreach_echoed_total_len = OK
7418
icmp_unreach_echoed_3bit_flags = OK
7419
7420
#Module F [TCP SYN | ACK Module]
7421
#IP header of the TCP SYN ACK
7422
tcp_syn_ack_tos = 0
7423
tcp_syn_ack_df = 1
7424
tcp_syn_ack_ip_id = !0
7425
tcp_syn_ack_ttl = <64
7426
7427
#Information from the TCP header
7428
tcp_syn_ack_ack = 1
7429
tcp_syn_ack_window_size = 32120
7430
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7431
tcp_syn_ack_wscale = 0
7432
tcp_syn_ack_tsval = !0
7433
tcp_syn_ack_tsecr = !0
7434
7435
#Module G [TCP RST|ACK]
7436
tcp_rst_reply = y
7437
tcp_rst_df = 0
7438
tcp_rst_ip_id_1 = !0
7439
tcp_rst_ip_id_2 = !0
7440
tcp_rst_ip_id_strategy = I
7441
tcp_rst_ttl = <255
7442
}
7443
7444
fingerprint {
7445
OS_ID = "Linux Kernel 2.2.23"
7446
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7447
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7448
#Date: 02 July 2003
7449
#Modified: 02 July 2003
7450
7451
#Module A [ICMP ECHO Probe]
7452
icmp_echo_reply = y
7453
7454
7455
icmp_echo_code = !0
7456
icmp_echo_ip_id = !0
7457
icmp_echo_tos_bits = !0
7458
icmp_echo_df_bit = 0
7459
icmp_echo_reply_ttl = <255
7460
7461
#Module B [ICMP Timestamp Probe]
7462
icmp_timestamp_reply = y
7463
icmp_timestamp_reply_ttl = <255
7464
icmp_timestamp_reply_ip_id = !0
7465
7466
#Module C [ICMP Address Mask Request Probe]
7467
icmp_addrmask_reply = n
7468
icmp_addrmask_reply_ttl = <255
7469
icmp_addrmask_reply_ip_id = !0
7470
7471
#Module D [ICMP Information Request Probe]
7472
icmp_info_reply = n
7473
icmp_info_reply_ttl = <255
7474
icmp_info_reply_ip_id = !0
7475
7476
#Module E [UDP -> ICMP Unreachable probe]
7477
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7478
icmp_unreach_reply = y
7479
icmp_unreach_echoed_dtsize = >64
7480
icmp_unreach_reply_ttl = <255
7481
icmp_unreach_precedence_bits = 0xc0
7482
icmp_unreach_df_bit = 0
7483
icmp_unreach_ip_id = !0
7484
7485
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7486
icmp_unreach_echoed_udp_cksum = OK
7487
icmp_unreach_echoed_ip_cksum = OK
7488
icmp_unreach_echoed_ip_id = OK
7489
icmp_unreach_echoed_total_len = OK
7490
icmp_unreach_echoed_3bit_flags = OK
7491
7492
#Module F [TCP SYN | ACK Module]
7493
#IP header of the TCP SYN ACK
7494
tcp_syn_ack_tos = 0
7495
tcp_syn_ack_df = 1
7496
tcp_syn_ack_ip_id = !0
7497
tcp_syn_ack_ttl = <64
7498
7499
#Information from the TCP header
7500
tcp_syn_ack_ack = 1
7501
tcp_syn_ack_window_size = 32120
7502
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7503
tcp_syn_ack_wscale = 0
7504
tcp_syn_ack_tsval = !0
7505
tcp_syn_ack_tsecr = !0
7506
7507
#Module G [TCP RST|ACK]
7508
tcp_rst_reply = y
7509
tcp_rst_df = 0
7510
tcp_rst_ip_id_1 = !0
7511
tcp_rst_ip_id_2 = !0
7512
tcp_rst_ip_id_strategy = I
7513
tcp_rst_ttl = <255
7514
}
7515
7516
fingerprint {
7517
OS_ID = "Linux Kernel 2.2.22"
7518
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7519
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7520
#Date: 02 July 2003
7521
#Modified: 02 July 2003
7522
7523
#Module A [ICMP ECHO Probe]
7524
icmp_echo_reply = y
7525
7526
7527
icmp_echo_code = !0
7528
icmp_echo_ip_id = !0
7529
icmp_echo_tos_bits = !0
7530
icmp_echo_df_bit = 0
7531
icmp_echo_reply_ttl = <255
7532
7533
#Module B [ICMP Timestamp Probe]
7534
icmp_timestamp_reply = y
7535
icmp_timestamp_reply_ttl = <255
7536
icmp_timestamp_reply_ip_id = !0
7537
7538
#Module C [ICMP Address Mask Request Probe]
7539
icmp_addrmask_reply = n
7540
icmp_addrmask_reply_ttl = <255
7541
icmp_addrmask_reply_ip_id = !0
7542
7543
#Module D [ICMP Information Request Probe]
7544
icmp_info_reply = n
7545
icmp_info_reply_ttl = <255
7546
icmp_info_reply_ip_id = !0
7547
7548
#Module E [UDP -> ICMP Unreachable probe]
7549
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7550
icmp_unreach_reply = y
7551
icmp_unreach_echoed_dtsize = >64
7552
icmp_unreach_reply_ttl = <255
7553
icmp_unreach_precedence_bits = 0xc0
7554
icmp_unreach_df_bit = 0
7555
icmp_unreach_ip_id = !0
7556
7557
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7558
icmp_unreach_echoed_udp_cksum = OK
7559
icmp_unreach_echoed_ip_cksum = OK
7560
icmp_unreach_echoed_ip_id = OK
7561
icmp_unreach_echoed_total_len = OK
7562
icmp_unreach_echoed_3bit_flags = OK
7563
7564
#Module F [TCP SYN | ACK Module]
7565
#IP header of the TCP SYN ACK
7566
tcp_syn_ack_tos = 0
7567
tcp_syn_ack_df = 1
7568
tcp_syn_ack_ip_id = !0
7569
tcp_syn_ack_ttl = <64
7570
7571
#Information from the TCP header
7572
tcp_syn_ack_ack = 1
7573
tcp_syn_ack_window_size = 32120
7574
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7575
tcp_syn_ack_wscale = 0
7576
tcp_syn_ack_tsval = !0
7577
tcp_syn_ack_tsecr = !0
7578
7579
#Module G [TCP RST|ACK]
7580
tcp_rst_reply = y
7581
tcp_rst_df = 0
7582
tcp_rst_ip_id_1 = !0
7583
tcp_rst_ip_id_2 = !0
7584
tcp_rst_ip_id_strategy = I
7585
tcp_rst_ttl = <255
7586
}
7587
7588
fingerprint {
7589
OS_ID = "Linux Kernel 2.2.21"
7590
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7591
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7592
#Date: 02 July 2003
7593
#Modified: 02 July 2003
7594
7595
#Module A [ICMP ECHO Probe]
7596
icmp_echo_reply = y
7597
7598
7599
icmp_echo_code = !0
7600
icmp_echo_ip_id = !0
7601
icmp_echo_tos_bits = !0
7602
icmp_echo_df_bit = 0
7603
icmp_echo_reply_ttl = <255
7604
7605
#Module B [ICMP Timestamp Probe]
7606
icmp_timestamp_reply = y
7607
icmp_timestamp_reply_ttl = <255
7608
icmp_timestamp_reply_ip_id = !0
7609
7610
#Module C [ICMP Address Mask Request Probe]
7611
icmp_addrmask_reply = n
7612
icmp_addrmask_reply_ttl = <255
7613
icmp_addrmask_reply_ip_id = !0
7614
7615
#Module D [ICMP Information Request Probe]
7616
icmp_info_reply = n
7617
icmp_info_reply_ttl = <255
7618
icmp_info_reply_ip_id = !0
7619
7620
#Module E [UDP -> ICMP Unreachable probe]
7621
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7622
icmp_unreach_reply = y
7623
icmp_unreach_echoed_dtsize = >64
7624
icmp_unreach_reply_ttl = <255
7625
icmp_unreach_precedence_bits = 0xc0
7626
icmp_unreach_df_bit = 0
7627
icmp_unreach_ip_id = !0
7628
7629
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7630
icmp_unreach_echoed_udp_cksum = OK
7631
icmp_unreach_echoed_ip_cksum = OK
7632
icmp_unreach_echoed_ip_id = OK
7633
icmp_unreach_echoed_total_len = OK
7634
icmp_unreach_echoed_3bit_flags = OK
7635
7636
#Module F [TCP SYN | ACK Module]
7637
#IP header of the TCP SYN ACK
7638
tcp_syn_ack_tos = 0
7639
tcp_syn_ack_df = 1
7640
tcp_syn_ack_ip_id = !0
7641
tcp_syn_ack_ttl = <64
7642
7643
#Information from the TCP header
7644
tcp_syn_ack_ack = 1
7645
tcp_syn_ack_window_size = 32120
7646
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7647
tcp_syn_ack_wscale = 0
7648
tcp_syn_ack_tsval = !0
7649
tcp_syn_ack_tsecr = !0
7650
7651
#Module G [TCP RST|ACK]
7652
tcp_rst_reply = y
7653
tcp_rst_df = 0
7654
tcp_rst_ip_id_1 = !0
7655
tcp_rst_ip_id_2 = !0
7656
tcp_rst_ip_id_strategy = I
7657
tcp_rst_ttl = <255
7658
}
7659
7660
fingerprint {
7661
OS_ID = "Linux Kernel 2.2.20"
7662
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7663
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7664
#Date: 02 July 2003
7665
#Modified: 02 July 2003
7666
7667
#Module A [ICMP ECHO Probe]
7668
icmp_echo_reply = y
7669
7670
7671
icmp_echo_code = !0
7672
icmp_echo_ip_id = !0
7673
icmp_echo_tos_bits = !0
7674
icmp_echo_df_bit = 0
7675
icmp_echo_reply_ttl = <255
7676
7677
#Module B [ICMP Timestamp Probe]
7678
icmp_timestamp_reply = y
7679
icmp_timestamp_reply_ttl = <255
7680
icmp_timestamp_reply_ip_id = !0
7681
7682
#Module C [ICMP Address Mask Request Probe]
7683
icmp_addrmask_reply = n
7684
icmp_addrmask_reply_ttl = <255
7685
icmp_addrmask_reply_ip_id = !0
7686
7687
#Module D [ICMP Information Request Probe]
7688
icmp_info_reply = n
7689
icmp_info_reply_ttl = <255
7690
icmp_info_reply_ip_id = !0
7691
7692
#Module E [UDP -> ICMP Unreachable probe]
7693
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7694
icmp_unreach_reply = y
7695
icmp_unreach_echoed_dtsize = >64
7696
icmp_unreach_reply_ttl = <255
7697
icmp_unreach_precedence_bits = 0xc0
7698
icmp_unreach_df_bit = 0
7699
icmp_unreach_ip_id = !0
7700
7701
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7702
icmp_unreach_echoed_udp_cksum = OK
7703
icmp_unreach_echoed_ip_cksum = OK
7704
icmp_unreach_echoed_ip_id = OK
7705
icmp_unreach_echoed_total_len = OK
7706
icmp_unreach_echoed_3bit_flags = OK
7707
7708
#Module F [TCP SYN | ACK Module]
7709
#IP header of the TCP SYN ACK
7710
tcp_syn_ack_tos = 0
7711
tcp_syn_ack_df = 1
7712
tcp_syn_ack_ip_id = !0
7713
tcp_syn_ack_ttl = <64
7714
7715
#Information from the TCP header
7716
tcp_syn_ack_ack = 1
7717
tcp_syn_ack_window_size = 32120
7718
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7719
tcp_syn_ack_wscale = 0
7720
tcp_syn_ack_tsval = !0
7721
tcp_syn_ack_tsecr = !0
7722
7723
#Module G [TCP RST|ACK]
7724
tcp_rst_reply = y
7725
tcp_rst_df = 0
7726
tcp_rst_ip_id_1 = !0
7727
tcp_rst_ip_id_2 = !0
7728
tcp_rst_ip_id_strategy = I
7729
tcp_rst_ttl = <255
7730
}
7731
7732
fingerprint {
7733
OS_ID = "Linux Kernel 2.2.19"
7734
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7735
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7736
#Date: 02 July 2003
7737
#Modified: 02 July 2003
7738
7739
#Module A [ICMP ECHO Probe]
7740
icmp_echo_reply = y
7741
7742
7743
icmp_echo_code = !0
7744
icmp_echo_ip_id = !0
7745
icmp_echo_tos_bits = !0
7746
icmp_echo_df_bit = 0
7747
icmp_echo_reply_ttl = <255
7748
7749
#Module B [ICMP Timestamp Probe]
7750
icmp_timestamp_reply = y
7751
icmp_timestamp_reply_ttl = <255
7752
icmp_timestamp_reply_ip_id = !0
7753
7754
#Module C [ICMP Address Mask Request Probe]
7755
icmp_addrmask_reply = n
7756
icmp_addrmask_reply_ttl = <255
7757
icmp_addrmask_reply_ip_id = !0
7758
7759
#Module D [ICMP Information Request Probe]
7760
icmp_info_reply = n
7761
icmp_info_reply_ttl = <255
7762
icmp_info_reply_ip_id = !0
7763
7764
#Module E [UDP -> ICMP Unreachable probe]
7765
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7766
icmp_unreach_reply = y
7767
icmp_unreach_echoed_dtsize = >64
7768
icmp_unreach_reply_ttl = <255
7769
icmp_unreach_precedence_bits = 0xc0
7770
icmp_unreach_df_bit = 0
7771
icmp_unreach_ip_id = !0
7772
7773
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7774
icmp_unreach_echoed_udp_cksum = OK
7775
icmp_unreach_echoed_ip_cksum = OK
7776
icmp_unreach_echoed_ip_id = OK
7777
icmp_unreach_echoed_total_len = OK
7778
icmp_unreach_echoed_3bit_flags = OK
7779
7780
#Module F [TCP SYN | ACK Module]
7781
#IP header of the TCP SYN ACK
7782
tcp_syn_ack_tos = 0
7783
tcp_syn_ack_df = 1
7784
tcp_syn_ack_ip_id = !0
7785
tcp_syn_ack_ttl = <64
7786
7787
#Information from the TCP header
7788
tcp_syn_ack_ack = 1
7789
tcp_syn_ack_window_size = 32120
7790
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7791
tcp_syn_ack_wscale = 0
7792
tcp_syn_ack_tsval = !0
7793
tcp_syn_ack_tsecr = !0
7794
7795
#Module G [TCP RST|ACK]
7796
tcp_rst_reply = y
7797
tcp_rst_df = 0
7798
tcp_rst_ip_id_1 = !0
7799
tcp_rst_ip_id_2 = !0
7800
tcp_rst_ip_id_strategy = I
7801
tcp_rst_ttl = <255
7802
}
7803
7804
fingerprint {
7805
OS_ID = "Linux Kernel 2.2.18"
7806
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7807
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7808
#Date: 13 July 2003
7809
#Modified: 13 July 2003
7810
7811
#Module A [ICMP ECHO Probe]
7812
icmp_echo_reply = y
7813
7814
7815
icmp_echo_code = !0
7816
icmp_echo_ip_id = !0
7817
icmp_echo_tos_bits = !0
7818
icmp_echo_df_bit = 0
7819
icmp_echo_reply_ttl = <255
7820
7821
#Module B [ICMP Timestamp Probe]
7822
icmp_timestamp_reply = y
7823
icmp_timestamp_reply_ttl = <255
7824
icmp_timestamp_reply_ip_id = !0
7825
7826
#Module C [ICMP Address Mask Request Probe]
7827
icmp_addrmask_reply = n
7828
icmp_addrmask_reply_ttl = <255
7829
icmp_addrmask_reply_ip_id = !0
7830
7831
#Module D [ICMP Information Request Probe]
7832
icmp_info_reply = n
7833
icmp_info_reply_ttl = <255
7834
icmp_info_reply_ip_id = !0
7835
7836
#Module E [UDP -> ICMP Unreachable probe]
7837
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7838
icmp_unreach_reply = y
7839
icmp_unreach_echoed_dtsize = >64
7840
icmp_unreach_reply_ttl = <255
7841
icmp_unreach_precedence_bits = 0xc0
7842
icmp_unreach_df_bit = 0
7843
icmp_unreach_ip_id = !0
7844
7845
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7846
icmp_unreach_echoed_udp_cksum = OK
7847
icmp_unreach_echoed_ip_cksum = OK
7848
icmp_unreach_echoed_ip_id = OK
7849
icmp_unreach_echoed_total_len = OK
7850
icmp_unreach_echoed_3bit_flags = OK
7851
7852
#Module F [TCP SYN | ACK Module]
7853
#IP header of the TCP SYN ACK
7854
tcp_syn_ack_tos = 0
7855
tcp_syn_ack_df = 1
7856
tcp_syn_ack_ip_id = !0
7857
tcp_syn_ack_ttl = <64
7858
7859
#Information from the TCP header
7860
tcp_syn_ack_ack = 1
7861
tcp_syn_ack_window_size = 32120
7862
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7863
tcp_syn_ack_wscale = 0
7864
tcp_syn_ack_tsval = !0
7865
tcp_syn_ack_tsecr = !0
7866
7867
#Module G [TCP RST|ACK]
7868
tcp_rst_reply = y
7869
tcp_rst_df = 0
7870
tcp_rst_ip_id_1 = !0
7871
tcp_rst_ip_id_2 = !0
7872
tcp_rst_ip_id_strategy = I
7873
tcp_rst_ttl = <255
7874
}
7875
7876
fingerprint {
7877
OS_ID = "Linux Kernel 2.2.17"
7878
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7879
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7880
#Date: 13 July 2003
7881
#Modified: 13 July 2003
7882
7883
#Module A [ICMP ECHO Probe]
7884
icmp_echo_reply = y
7885
7886
7887
icmp_echo_code = !0
7888
icmp_echo_ip_id = !0
7889
icmp_echo_tos_bits = !0
7890
icmp_echo_df_bit = 0
7891
icmp_echo_reply_ttl = <255
7892
7893
#Module B [ICMP Timestamp Probe]
7894
icmp_timestamp_reply = y
7895
icmp_timestamp_reply_ttl = <255
7896
icmp_timestamp_reply_ip_id = !0
7897
7898
#Module C [ICMP Address Mask Request Probe]
7899
icmp_addrmask_reply = n
7900
icmp_addrmask_reply_ttl = <255
7901
icmp_addrmask_reply_ip_id = !0
7902
7903
#Module D [ICMP Information Request Probe]
7904
icmp_info_reply = n
7905
icmp_info_reply_ttl = <255
7906
icmp_info_reply_ip_id = !0
7907
7908
#Module E [UDP -> ICMP Unreachable probe]
7909
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7910
icmp_unreach_reply = y
7911
icmp_unreach_echoed_dtsize = >64
7912
icmp_unreach_reply_ttl = <255
7913
icmp_unreach_precedence_bits = 0xc0
7914
icmp_unreach_df_bit = 0
7915
icmp_unreach_ip_id = !0
7916
7917
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7918
icmp_unreach_echoed_udp_cksum = OK
7919
icmp_unreach_echoed_ip_cksum = OK
7920
icmp_unreach_echoed_ip_id = OK
7921
icmp_unreach_echoed_total_len = OK
7922
icmp_unreach_echoed_3bit_flags = OK
7923
7924
#Module F [TCP SYN | ACK Module]
7925
#IP header of the TCP SYN ACK
7926
tcp_syn_ack_tos = 0
7927
tcp_syn_ack_df = 1
7928
tcp_syn_ack_ip_id = !0
7929
tcp_syn_ack_ttl = <64
7930
7931
#Information from the TCP header
7932
tcp_syn_ack_ack = 1
7933
tcp_syn_ack_window_size = 32120
7934
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
7935
tcp_syn_ack_wscale = 0
7936
tcp_syn_ack_tsval = !0
7937
tcp_syn_ack_tsecr = !0
7938
7939
#Module G [TCP RST|ACK]
7940
tcp_rst_reply = y
7941
tcp_rst_df = 0
7942
tcp_rst_ip_id_1 = !0
7943
tcp_rst_ip_id_2 = !0
7944
tcp_rst_ip_id_strategy = I
7945
tcp_rst_ttl = <255
7946
}
7947
7948
fingerprint {
7949
OS_ID = "Linux Kernel 2.2.16"
7950
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
7951
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
7952
#Date: 13 July 2003
7953
#Modified: 13 July 2003
7954
7955
#Module A [ICMP ECHO Probe]
7956
icmp_echo_reply = y
7957
7958
7959
icmp_echo_code = !0
7960
icmp_echo_ip_id = !0
7961
icmp_echo_tos_bits = !0
7962
icmp_echo_df_bit = 0
7963
icmp_echo_reply_ttl = <255
7964
7965
#Module B [ICMP Timestamp Probe]
7966
icmp_timestamp_reply = y
7967
icmp_timestamp_reply_ttl = <255
7968
icmp_timestamp_reply_ip_id = !0
7969
7970
#Module C [ICMP Address Mask Request Probe]
7971
icmp_addrmask_reply = n
7972
icmp_addrmask_reply_ttl = <255
7973
icmp_addrmask_reply_ip_id = !0
7974
7975
#Module D [ICMP Information Request Probe]
7976
icmp_info_reply = n
7977
icmp_info_reply_ttl = <255
7978
icmp_info_reply_ip_id = !0
7979
7980
#Module E [UDP -> ICMP Unreachable probe]
7981
#IP_Header_of_the_UDP_Port_Unreachable_error_message
7982
icmp_unreach_reply = y
7983
icmp_unreach_echoed_dtsize = >64
7984
icmp_unreach_reply_ttl = <255
7985
icmp_unreach_precedence_bits = 0xc0
7986
icmp_unreach_df_bit = 0
7987
icmp_unreach_ip_id = !0
7988
7989
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
7990
icmp_unreach_echoed_udp_cksum = OK
7991
icmp_unreach_echoed_ip_cksum = OK
7992
icmp_unreach_echoed_ip_id = OK
7993
icmp_unreach_echoed_total_len = OK
7994
icmp_unreach_echoed_3bit_flags = OK
7995
7996
#Module F [TCP SYN | ACK Module]
7997
#IP header of the TCP SYN ACK
7998
tcp_syn_ack_tos = 0
7999
tcp_syn_ack_df = 1
8000
tcp_syn_ack_ip_id = !0
8001
tcp_syn_ack_ttl = <64
8002
8003
#Information from the TCP header
8004
tcp_syn_ack_ack = 1
8005
tcp_syn_ack_window_size = 32120
8006
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8007
tcp_syn_ack_wscale = 0
8008
tcp_syn_ack_tsval = !0
8009
tcp_syn_ack_tsecr = !0
8010
8011
#Module G [TCP RST|ACK]
8012
tcp_rst_reply = y
8013
tcp_rst_df = 0
8014
tcp_rst_ip_id_1 = !0
8015
tcp_rst_ip_id_2 = !0
8016
tcp_rst_ip_id_strategy = I
8017
tcp_rst_ttl = <255
8018
}
8019
8020
fingerprint {
8021
OS_ID = "Linux Kernel 2.2.15"
8022
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8023
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8024
#Date: 13 July 2003
8025
#Modified: 13 July 2003
8026
8027
#Module A [ICMP ECHO Probe]
8028
icmp_echo_reply = y
8029
8030
8031
icmp_echo_code = !0
8032
icmp_echo_ip_id = !0
8033
icmp_echo_tos_bits = !0
8034
icmp_echo_df_bit = 0
8035
icmp_echo_reply_ttl = <255
8036
8037
#Module B [ICMP Timestamp Probe]
8038
icmp_timestamp_reply = y
8039
icmp_timestamp_reply_ttl = <255
8040
icmp_timestamp_reply_ip_id = !0
8041
8042
#Module C [ICMP Address Mask Request Probe]
8043
icmp_addrmask_reply = n
8044
icmp_addrmask_reply_ttl = <255
8045
icmp_addrmask_reply_ip_id = !0
8046
8047
#Module D [ICMP Information Request Probe]
8048
icmp_info_reply = n
8049
icmp_info_reply_ttl = <255
8050
icmp_info_reply_ip_id = !0
8051
8052
#Module E [UDP -> ICMP Unreachable probe]
8053
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8054
icmp_unreach_reply = y
8055
icmp_unreach_echoed_dtsize = >64
8056
icmp_unreach_reply_ttl = <255
8057
icmp_unreach_precedence_bits = 0xc0
8058
icmp_unreach_df_bit = 0
8059
icmp_unreach_ip_id = !0
8060
8061
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8062
icmp_unreach_echoed_udp_cksum = OK
8063
icmp_unreach_echoed_ip_cksum = OK
8064
icmp_unreach_echoed_ip_id = OK
8065
icmp_unreach_echoed_total_len = OK
8066
icmp_unreach_echoed_3bit_flags = OK
8067
8068
#Module F [TCP SYN | ACK Module]
8069
#IP header of the TCP SYN ACK
8070
tcp_syn_ack_tos = 0
8071
tcp_syn_ack_df = 1
8072
tcp_syn_ack_ip_id = !0
8073
tcp_syn_ack_ttl = <64
8074
8075
#Information from the TCP header
8076
tcp_syn_ack_ack = 1
8077
tcp_syn_ack_window_size = 32120
8078
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8079
tcp_syn_ack_wscale = 0
8080
tcp_syn_ack_tsval = !0
8081
tcp_syn_ack_tsecr = !0
8082
8083
#Module G [TCP RST|ACK]
8084
tcp_rst_reply = y
8085
tcp_rst_df = 0
8086
tcp_rst_ip_id_1 = !0
8087
tcp_rst_ip_id_2 = !0
8088
tcp_rst_ip_id_strategy = I
8089
tcp_rst_ttl = <255
8090
}
8091
8092
fingerprint {
8093
OS_ID = "Linux Kernel 2.2.14"
8094
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8095
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8096
#Date: 13 July 2003
8097
#Modified: 13 July 2003
8098
8099
#Module A [ICMP ECHO Probe]
8100
icmp_echo_reply = y
8101
8102
8103
icmp_echo_code = !0
8104
icmp_echo_ip_id = !0
8105
icmp_echo_tos_bits = !0
8106
icmp_echo_df_bit = 0
8107
icmp_echo_reply_ttl = <255
8108
8109
#Module B [ICMP Timestamp Probe]
8110
icmp_timestamp_reply = y
8111
icmp_timestamp_reply_ttl = <255
8112
icmp_timestamp_reply_ip_id = !0
8113
8114
#Module C [ICMP Address Mask Request Probe]
8115
icmp_addrmask_reply = n
8116
icmp_addrmask_reply_ttl = <255
8117
icmp_addrmask_reply_ip_id = !0
8118
8119
#Module D [ICMP Information Request Probe]
8120
icmp_info_reply = n
8121
icmp_info_reply_ttl = <255
8122
icmp_info_reply_ip_id = !0
8123
8124
#Module E [UDP -> ICMP Unreachable probe]
8125
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8126
icmp_unreach_reply = y
8127
icmp_unreach_echoed_dtsize = >64
8128
icmp_unreach_reply_ttl = <255
8129
icmp_unreach_precedence_bits = 0xc0
8130
icmp_unreach_df_bit = 0
8131
icmp_unreach_ip_id = !0
8132
8133
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8134
icmp_unreach_echoed_udp_cksum = OK
8135
icmp_unreach_echoed_ip_cksum = OK
8136
icmp_unreach_echoed_ip_id = OK
8137
icmp_unreach_echoed_total_len = OK
8138
icmp_unreach_echoed_3bit_flags = OK
8139
8140
#Module F [TCP SYN | ACK Module]
8141
#IP header of the TCP SYN ACK
8142
tcp_syn_ack_tos = 0
8143
tcp_syn_ack_df = 1
8144
tcp_syn_ack_ip_id = !0
8145
tcp_syn_ack_ttl = <64
8146
8147
#Information from the TCP header
8148
tcp_syn_ack_ack = 1
8149
tcp_syn_ack_window_size = 32120
8150
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8151
tcp_syn_ack_wscale = 0
8152
tcp_syn_ack_tsval = !0
8153
tcp_syn_ack_tsecr = !0
8154
8155
#Module G [TCP RST|ACK]
8156
tcp_rst_reply = y
8157
tcp_rst_df = 0
8158
tcp_rst_ip_id_1 = !0
8159
tcp_rst_ip_id_2 = !0
8160
tcp_rst_ip_id_strategy = I
8161
tcp_rst_ttl = <255
8162
}
8163
8164
fingerprint {
8165
OS_ID = "Linux Kernel 2.2.13"
8166
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8167
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8168
#Date: 13 July 2003
8169
#Modified: 13 July 2003
8170
8171
#Module A [ICMP ECHO Probe]
8172
icmp_echo_reply = y
8173
8174
8175
icmp_echo_code = !0
8176
icmp_echo_ip_id = !0
8177
icmp_echo_tos_bits = !0
8178
icmp_echo_df_bit = 0
8179
icmp_echo_reply_ttl = <255
8180
8181
#Module B [ICMP Timestamp Probe]
8182
icmp_timestamp_reply = y
8183
icmp_timestamp_reply_ttl = <255
8184
icmp_timestamp_reply_ip_id = !0
8185
8186
#Module C [ICMP Address Mask Request Probe]
8187
icmp_addrmask_reply = n
8188
icmp_addrmask_reply_ttl = <255
8189
icmp_addrmask_reply_ip_id = !0
8190
8191
#Module D [ICMP Information Request Probe]
8192
icmp_info_reply = n
8193
icmp_info_reply_ttl = <255
8194
icmp_info_reply_ip_id = !0
8195
8196
#Module E [UDP -> ICMP Unreachable probe]
8197
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8198
icmp_unreach_reply = y
8199
icmp_unreach_echoed_dtsize = >64
8200
icmp_unreach_reply_ttl = <255
8201
icmp_unreach_precedence_bits = 0xc0
8202
icmp_unreach_df_bit = 0
8203
icmp_unreach_ip_id = !0
8204
8205
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8206
icmp_unreach_echoed_udp_cksum = OK
8207
icmp_unreach_echoed_ip_cksum = OK
8208
icmp_unreach_echoed_ip_id = OK
8209
icmp_unreach_echoed_total_len = OK
8210
icmp_unreach_echoed_3bit_flags = OK
8211
8212
#Module F [TCP SYN | ACK Module]
8213
#IP header of the TCP SYN ACK
8214
tcp_syn_ack_tos = 0
8215
tcp_syn_ack_df = 1
8216
tcp_syn_ack_ip_id = !0
8217
tcp_syn_ack_ttl = <64
8218
8219
#Information from the TCP header
8220
tcp_syn_ack_ack = 1
8221
tcp_syn_ack_window_size = 32120
8222
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8223
tcp_syn_ack_wscale = 0
8224
tcp_syn_ack_tsval = !0
8225
tcp_syn_ack_tsecr = !0
8226
8227
#Module G [TCP RST|ACK]
8228
tcp_rst_reply = y
8229
tcp_rst_df = 0
8230
tcp_rst_ip_id_1 = !0
8231
tcp_rst_ip_id_2 = !0
8232
tcp_rst_ip_id_strategy = I
8233
tcp_rst_ttl = <255
8234
}
8235
8236
fingerprint {
8237
OS_ID = "Linux Kernel 2.2.12"
8238
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8239
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8240
#Date: 13 July 2003
8241
#Modified: 13 July 2003
8242
8243
#Module A [ICMP ECHO Probe]
8244
icmp_echo_reply = y
8245
8246
8247
icmp_echo_code = !0
8248
icmp_echo_ip_id = !0
8249
icmp_echo_tos_bits = !0
8250
icmp_echo_df_bit = 0
8251
icmp_echo_reply_ttl = <255
8252
8253
#Module B [ICMP Timestamp Probe]
8254
icmp_timestamp_reply = y
8255
icmp_timestamp_reply_ttl = <255
8256
icmp_timestamp_reply_ip_id = !0
8257
8258
#Module C [ICMP Address Mask Request Probe]
8259
icmp_addrmask_reply = n
8260
icmp_addrmask_reply_ttl = <255
8261
icmp_addrmask_reply_ip_id = !0
8262
8263
#Module D [ICMP Information Request Probe]
8264
icmp_info_reply = n
8265
icmp_info_reply_ttl = <255
8266
icmp_info_reply_ip_id = !0
8267
8268
#Module E [UDP -> ICMP Unreachable probe]
8269
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8270
icmp_unreach_reply = y
8271
icmp_unreach_echoed_dtsize = >64
8272
icmp_unreach_reply_ttl = <255
8273
icmp_unreach_precedence_bits = 0xc0
8274
icmp_unreach_df_bit = 0
8275
icmp_unreach_ip_id = !0
8276
8277
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8278
icmp_unreach_echoed_udp_cksum = OK
8279
icmp_unreach_echoed_ip_cksum = OK
8280
icmp_unreach_echoed_ip_id = OK
8281
icmp_unreach_echoed_total_len = OK
8282
icmp_unreach_echoed_3bit_flags = OK
8283
8284
#Module F [TCP SYN | ACK Module]
8285
#IP header of the TCP SYN ACK
8286
tcp_syn_ack_tos = 0
8287
tcp_syn_ack_df = 1
8288
tcp_syn_ack_ip_id = !0
8289
tcp_syn_ack_ttl = <64
8290
8291
#Information from the TCP header
8292
tcp_syn_ack_ack = 1
8293
tcp_syn_ack_window_size = 32120
8294
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8295
tcp_syn_ack_wscale = 0
8296
tcp_syn_ack_tsval = !0
8297
tcp_syn_ack_tsecr = !0
8298
8299
#Module G [TCP RST|ACK]
8300
tcp_rst_reply = y
8301
tcp_rst_df = 0
8302
tcp_rst_ip_id_1 = !0
8303
tcp_rst_ip_id_2 = !0
8304
tcp_rst_ip_id_strategy = I
8305
tcp_rst_ttl = <255
8306
}
8307
8308
fingerprint {
8309
OS_ID = "Linux Kernel 2.2.11"
8310
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8311
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8312
#Date: 13 July 2003
8313
#Modified: 13 July 2003
8314
8315
#Module A [ICMP ECHO Probe]
8316
icmp_echo_reply = y
8317
8318
8319
icmp_echo_code = !0
8320
icmp_echo_ip_id = !0
8321
icmp_echo_tos_bits = !0
8322
icmp_echo_df_bit = 0
8323
icmp_echo_reply_ttl = <255
8324
8325
#Module B [ICMP Timestamp Probe]
8326
icmp_timestamp_reply = y
8327
icmp_timestamp_reply_ttl = <255
8328
icmp_timestamp_reply_ip_id = !0
8329
8330
#Module C [ICMP Address Mask Request Probe]
8331
icmp_addrmask_reply = n
8332
icmp_addrmask_reply_ttl = <255
8333
icmp_addrmask_reply_ip_id = !0
8334
8335
#Module D [ICMP Information Request Probe]
8336
icmp_info_reply = n
8337
icmp_info_reply_ttl = <255
8338
icmp_info_reply_ip_id = !0
8339
8340
#Module E [UDP -> ICMP Unreachable probe]
8341
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8342
icmp_unreach_reply = y
8343
icmp_unreach_echoed_dtsize = >64
8344
icmp_unreach_reply_ttl = <255
8345
icmp_unreach_precedence_bits = 0xc0
8346
icmp_unreach_df_bit = 0
8347
icmp_unreach_ip_id = !0
8348
8349
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8350
icmp_unreach_echoed_udp_cksum = OK
8351
icmp_unreach_echoed_ip_cksum = OK
8352
icmp_unreach_echoed_ip_id = OK
8353
icmp_unreach_echoed_total_len = OK
8354
icmp_unreach_echoed_3bit_flags = OK
8355
8356
#Module F [TCP SYN | ACK Module]
8357
#IP header of the TCP SYN ACK
8358
tcp_syn_ack_tos = 0
8359
tcp_syn_ack_df = 1
8360
tcp_syn_ack_ip_id = !0
8361
tcp_syn_ack_ttl = <64
8362
8363
#Information from the TCP header
8364
tcp_syn_ack_ack = 1
8365
tcp_syn_ack_window_size = 32120
8366
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8367
tcp_syn_ack_wscale = 0
8368
tcp_syn_ack_tsval = !0
8369
tcp_syn_ack_tsecr = !0
8370
8371
#Module G [TCP RST|ACK]
8372
tcp_rst_reply = y
8373
tcp_rst_df = 0
8374
tcp_rst_ip_id_1 = !0
8375
tcp_rst_ip_id_2 = !0
8376
tcp_rst_ip_id_strategy = I
8377
tcp_rst_ttl = <255
8378
}
8379
8380
fingerprint {
8381
OS_ID = "Linux Kernel 2.2.10"
8382
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8383
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8384
#Date: 13 July 2003
8385
#Modified: 13 July 2003
8386
8387
#Module A [ICMP ECHO Probe]
8388
icmp_echo_reply = y
8389
8390
8391
icmp_echo_code = !0
8392
icmp_echo_ip_id = !0
8393
icmp_echo_tos_bits = !0
8394
icmp_echo_df_bit = 0
8395
icmp_echo_reply_ttl = <255
8396
8397
#Module B [ICMP Timestamp Probe]
8398
icmp_timestamp_reply = y
8399
icmp_timestamp_reply_ttl = <255
8400
icmp_timestamp_reply_ip_id = !0
8401
8402
#Module C [ICMP Address Mask Request Probe]
8403
icmp_addrmask_reply = n
8404
icmp_addrmask_reply_ttl = <255
8405
icmp_addrmask_reply_ip_id = !0
8406
8407
#Module D [ICMP Information Request Probe]
8408
icmp_info_reply = n
8409
icmp_info_reply_ttl = <255
8410
icmp_info_reply_ip_id = !0
8411
8412
#Module E [UDP -> ICMP Unreachable probe]
8413
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8414
icmp_unreach_reply = y
8415
icmp_unreach_echoed_dtsize = >64
8416
icmp_unreach_reply_ttl = <255
8417
icmp_unreach_precedence_bits = 0xc0
8418
icmp_unreach_df_bit = 0
8419
icmp_unreach_ip_id = !0
8420
8421
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8422
icmp_unreach_echoed_udp_cksum = OK
8423
icmp_unreach_echoed_ip_cksum = OK
8424
icmp_unreach_echoed_ip_id = OK
8425
icmp_unreach_echoed_total_len = OK
8426
icmp_unreach_echoed_3bit_flags = OK
8427
8428
#Module F [TCP SYN | ACK Module]
8429
#IP header of the TCP SYN ACK
8430
tcp_syn_ack_tos = 0
8431
tcp_syn_ack_df = 1
8432
tcp_syn_ack_ip_id = !0
8433
tcp_syn_ack_ttl = <64
8434
8435
#Information from the TCP header
8436
tcp_syn_ack_ack = 1
8437
tcp_syn_ack_window_size = 32120
8438
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8439
tcp_syn_ack_wscale = 0
8440
tcp_syn_ack_tsval = !0
8441
tcp_syn_ack_tsecr = !0
8442
8443
#Module G [TCP RST|ACK]
8444
tcp_rst_reply = y
8445
tcp_rst_df = 0
8446
tcp_rst_ip_id_1 = !0
8447
tcp_rst_ip_id_2 = !0
8448
tcp_rst_ip_id_strategy = I
8449
tcp_rst_ttl = <255
8450
}
8451
8452
fingerprint {
8453
OS_ID = "Linux Kernel 2.2.9"
8454
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8455
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8456
#Date: 13 July 2003
8457
#Modified: 13 July 2003
8458
8459
#Module A [ICMP ECHO Probe]
8460
icmp_echo_reply = y
8461
8462
8463
icmp_echo_code = !0
8464
icmp_echo_ip_id = !0
8465
icmp_echo_tos_bits = !0
8466
icmp_echo_df_bit = 0
8467
icmp_echo_reply_ttl = <255
8468
8469
#Module B [ICMP Timestamp Probe]
8470
icmp_timestamp_reply = y
8471
icmp_timestamp_reply_ttl = <255
8472
icmp_timestamp_reply_ip_id = !0
8473
8474
#Module C [ICMP Address Mask Request Probe]
8475
icmp_addrmask_reply = n
8476
icmp_addrmask_reply_ttl = <255
8477
icmp_addrmask_reply_ip_id = !0
8478
8479
#Module D [ICMP Information Request Probe]
8480
icmp_info_reply = n
8481
icmp_info_reply_ttl = <255
8482
icmp_info_reply_ip_id = !0
8483
8484
#Module E [UDP -> ICMP Unreachable probe]
8485
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8486
icmp_unreach_reply = y
8487
icmp_unreach_echoed_dtsize = >64
8488
icmp_unreach_reply_ttl = <255
8489
icmp_unreach_precedence_bits = 0xc0
8490
icmp_unreach_df_bit = 0
8491
icmp_unreach_ip_id = !0
8492
8493
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8494
icmp_unreach_echoed_udp_cksum = OK
8495
icmp_unreach_echoed_ip_cksum = OK
8496
icmp_unreach_echoed_ip_id = OK
8497
icmp_unreach_echoed_total_len = OK
8498
icmp_unreach_echoed_3bit_flags = OK
8499
8500
#Module F [TCP SYN | ACK Module]
8501
#IP header of the TCP SYN ACK
8502
tcp_syn_ack_tos = 0
8503
tcp_syn_ack_df = 1
8504
tcp_syn_ack_ip_id = !0
8505
tcp_syn_ack_ttl = <64
8506
8507
#Information from the TCP header
8508
tcp_syn_ack_ack = 1
8509
tcp_syn_ack_window_size = 32120
8510
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8511
tcp_syn_ack_wscale = 0
8512
tcp_syn_ack_tsval = !0
8513
tcp_syn_ack_tsecr = !0
8514
8515
#Module G [TCP RST|ACK]
8516
tcp_rst_reply = y
8517
tcp_rst_df = 0
8518
tcp_rst_ip_id_1 = !0
8519
tcp_rst_ip_id_2 = !0
8520
tcp_rst_ip_id_strategy = I
8521
tcp_rst_ttl = <255
8522
}
8523
8524
fingerprint {
8525
OS_ID = "Linux Kernel 2.2.8"
8526
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8527
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8528
#Date: 13 July 2003
8529
#Modified: 13 July 2003
8530
8531
#Module A [ICMP ECHO Probe]
8532
icmp_echo_reply = y
8533
8534
8535
icmp_echo_code = !0
8536
icmp_echo_ip_id = !0
8537
icmp_echo_tos_bits = !0
8538
icmp_echo_df_bit = 0
8539
icmp_echo_reply_ttl = <255
8540
8541
#Module B [ICMP Timestamp Probe]
8542
icmp_timestamp_reply = y
8543
icmp_timestamp_reply_ttl = <255
8544
icmp_timestamp_reply_ip_id = !0
8545
8546
#Module C [ICMP Address Mask Request Probe]
8547
icmp_addrmask_reply = n
8548
icmp_addrmask_reply_ttl = <255
8549
icmp_addrmask_reply_ip_id = !0
8550
8551
#Module D [ICMP Information Request Probe]
8552
icmp_info_reply = n
8553
icmp_info_reply_ttl = <255
8554
icmp_info_reply_ip_id = !0
8555
8556
#Module E [UDP -> ICMP Unreachable probe]
8557
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8558
icmp_unreach_reply = y
8559
icmp_unreach_echoed_dtsize = >64
8560
icmp_unreach_reply_ttl = <255
8561
icmp_unreach_precedence_bits = 0xc0
8562
icmp_unreach_df_bit = 0
8563
icmp_unreach_ip_id = !0
8564
8565
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8566
icmp_unreach_echoed_udp_cksum = OK
8567
icmp_unreach_echoed_ip_cksum = OK
8568
icmp_unreach_echoed_ip_id = OK
8569
icmp_unreach_echoed_total_len = OK
8570
icmp_unreach_echoed_3bit_flags = OK
8571
8572
#Module F [TCP SYN | ACK Module]
8573
#IP header of the TCP SYN ACK
8574
tcp_syn_ack_tos = 0
8575
tcp_syn_ack_df = 1
8576
tcp_syn_ack_ip_id = !0
8577
tcp_syn_ack_ttl = <64
8578
8579
#Information from the TCP header
8580
tcp_syn_ack_ack = 1
8581
tcp_syn_ack_window_size = 32120
8582
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8583
tcp_syn_ack_wscale = 0
8584
tcp_syn_ack_tsval = !0
8585
tcp_syn_ack_tsecr = !0
8586
8587
#Module G [TCP RST|ACK]
8588
tcp_rst_reply = y
8589
tcp_rst_df = 0
8590
tcp_rst_ip_id_1 = !0
8591
tcp_rst_ip_id_2 = !0
8592
tcp_rst_ip_id_strategy = I
8593
tcp_rst_ttl = <255
8594
}
8595
8596
fingerprint {
8597
OS_ID = "Linux Kernel 2.2.7"
8598
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8599
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8600
#Date: 13 July 2003
8601
#Modified: 13 July 2003
8602
8603
#Module A [ICMP ECHO Probe]
8604
icmp_echo_reply = y
8605
8606
8607
icmp_echo_code = !0
8608
icmp_echo_ip_id = !0
8609
icmp_echo_tos_bits = !0
8610
icmp_echo_df_bit = 0
8611
icmp_echo_reply_ttl = <255
8612
8613
#Module B [ICMP Timestamp Probe]
8614
icmp_timestamp_reply = y
8615
icmp_timestamp_reply_ttl = <255
8616
icmp_timestamp_reply_ip_id = !0
8617
8618
#Module C [ICMP Address Mask Request Probe]
8619
icmp_addrmask_reply = n
8620
icmp_addrmask_reply_ttl = <255
8621
icmp_addrmask_reply_ip_id = !0
8622
8623
#Module D [ICMP Information Request Probe]
8624
icmp_info_reply = n
8625
icmp_info_reply_ttl = <255
8626
icmp_info_reply_ip_id = !0
8627
8628
#Module E [UDP -> ICMP Unreachable probe]
8629
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8630
icmp_unreach_reply = y
8631
icmp_unreach_echoed_dtsize = >64
8632
icmp_unreach_reply_ttl = <255
8633
icmp_unreach_precedence_bits = 0xc0
8634
icmp_unreach_df_bit = 0
8635
icmp_unreach_ip_id = !0
8636
8637
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8638
icmp_unreach_echoed_udp_cksum = OK
8639
icmp_unreach_echoed_ip_cksum = OK
8640
icmp_unreach_echoed_ip_id = OK
8641
icmp_unreach_echoed_total_len = OK
8642
icmp_unreach_echoed_3bit_flags = OK
8643
8644
#Module F [TCP SYN | ACK Module]
8645
#IP header of the TCP SYN ACK
8646
tcp_syn_ack_tos = 0
8647
tcp_syn_ack_df = 1
8648
tcp_syn_ack_ip_id = !0
8649
tcp_syn_ack_ttl = <64
8650
8651
#Information from the TCP header
8652
tcp_syn_ack_ack = 1
8653
tcp_syn_ack_window_size = 32120
8654
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8655
tcp_syn_ack_wscale = 0
8656
tcp_syn_ack_tsval = !0
8657
tcp_syn_ack_tsecr = !0
8658
8659
#Module G [TCP RST|ACK]
8660
tcp_rst_reply = y
8661
tcp_rst_df = 0
8662
tcp_rst_ip_id_1 = !0
8663
tcp_rst_ip_id_2 = !0
8664
tcp_rst_ip_id_strategy = I
8665
tcp_rst_ttl = <255
8666
}
8667
8668
fingerprint {
8669
OS_ID = "Linux Kernel 2.2.6"
8670
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8671
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8672
#Date: 13 July 2003
8673
#Modified: 13 July 2003
8674
8675
#Module A [ICMP ECHO Probe]
8676
icmp_echo_reply = y
8677
8678
8679
icmp_echo_code = !0
8680
icmp_echo_ip_id = !0
8681
icmp_echo_tos_bits = !0
8682
icmp_echo_df_bit = 0
8683
icmp_echo_reply_ttl = <255
8684
8685
#Module B [ICMP Timestamp Probe]
8686
icmp_timestamp_reply = y
8687
icmp_timestamp_reply_ttl = <255
8688
icmp_timestamp_reply_ip_id = !0
8689
8690
#Module C [ICMP Address Mask Request Probe]
8691
icmp_addrmask_reply = n
8692
icmp_addrmask_reply_ttl = <255
8693
icmp_addrmask_reply_ip_id = !0
8694
8695
#Module D [ICMP Information Request Probe]
8696
icmp_info_reply = n
8697
icmp_info_reply_ttl = <255
8698
icmp_info_reply_ip_id = !0
8699
8700
#Module E [UDP -> ICMP Unreachable probe]
8701
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8702
icmp_unreach_reply = y
8703
icmp_unreach_echoed_dtsize = >64
8704
icmp_unreach_reply_ttl = <255
8705
icmp_unreach_precedence_bits = 0xc0
8706
icmp_unreach_df_bit = 0
8707
icmp_unreach_ip_id = !0
8708
8709
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8710
icmp_unreach_echoed_udp_cksum = OK
8711
icmp_unreach_echoed_ip_cksum = OK
8712
icmp_unreach_echoed_ip_id = OK
8713
icmp_unreach_echoed_total_len = OK
8714
icmp_unreach_echoed_3bit_flags = OK
8715
8716
#Module F [TCP SYN | ACK Module]
8717
#IP header of the TCP SYN ACK
8718
tcp_syn_ack_tos = 0
8719
tcp_syn_ack_df = 1
8720
tcp_syn_ack_ip_id = !0
8721
tcp_syn_ack_ttl = <64
8722
8723
#Information from the TCP header
8724
tcp_syn_ack_ack = 1
8725
tcp_syn_ack_window_size = 32120
8726
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8727
tcp_syn_ack_wscale = 0
8728
tcp_syn_ack_tsval = !0
8729
tcp_syn_ack_tsecr = !0
8730
8731
#Module G [TCP RST|ACK]
8732
tcp_rst_reply = y
8733
tcp_rst_df = 0
8734
tcp_rst_ip_id_1 = !0
8735
tcp_rst_ip_id_2 = !0
8736
tcp_rst_ip_id_strategy = I
8737
tcp_rst_ttl = <255
8738
}
8739
8740
fingerprint {
8741
OS_ID = "Linux Kernel 2.2.5"
8742
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8743
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8744
#Date: 13 July 2003
8745
#Modified: 13 July 2003
8746
8747
#Module A [ICMP ECHO Probe]
8748
icmp_echo_reply = y
8749
8750
8751
icmp_echo_code = !0
8752
icmp_echo_ip_id = !0
8753
icmp_echo_tos_bits = !0
8754
icmp_echo_df_bit = 0
8755
icmp_echo_reply_ttl = <255
8756
8757
#Module B [ICMP Timestamp Probe]
8758
icmp_timestamp_reply = y
8759
icmp_timestamp_reply_ttl = <255
8760
icmp_timestamp_reply_ip_id = !0
8761
8762
#Module C [ICMP Address Mask Request Probe]
8763
icmp_addrmask_reply = n
8764
icmp_addrmask_reply_ttl = <255
8765
icmp_addrmask_reply_ip_id = !0
8766
8767
#Module D [ICMP Information Request Probe]
8768
icmp_info_reply = n
8769
icmp_info_reply_ttl = <255
8770
icmp_info_reply_ip_id = !0
8771
8772
#Module E [UDP -> ICMP Unreachable probe]
8773
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8774
icmp_unreach_reply = y
8775
icmp_unreach_echoed_dtsize = >64
8776
icmp_unreach_reply_ttl = <255
8777
icmp_unreach_precedence_bits = 0xc0
8778
icmp_unreach_df_bit = 0
8779
icmp_unreach_ip_id = !0
8780
8781
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8782
icmp_unreach_echoed_udp_cksum = OK
8783
icmp_unreach_echoed_ip_cksum = OK
8784
icmp_unreach_echoed_ip_id = OK
8785
icmp_unreach_echoed_total_len = OK
8786
icmp_unreach_echoed_3bit_flags = OK
8787
8788
#Module F [TCP SYN | ACK Module]
8789
#IP header of the TCP SYN ACK
8790
tcp_syn_ack_tos = 0
8791
tcp_syn_ack_df = 1
8792
tcp_syn_ack_ip_id = !0
8793
tcp_syn_ack_ttl = <64
8794
8795
#Information from the TCP header
8796
tcp_syn_ack_ack = 1
8797
tcp_syn_ack_window_size = 32120
8798
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8799
tcp_syn_ack_wscale = 0
8800
tcp_syn_ack_tsval = !0
8801
tcp_syn_ack_tsecr = !0
8802
8803
#Module G [TCP RST|ACK]
8804
tcp_rst_reply = y
8805
tcp_rst_df = 0
8806
tcp_rst_ip_id_1 = !0
8807
tcp_rst_ip_id_2 = !0
8808
tcp_rst_ip_id_strategy = I
8809
tcp_rst_ttl = <255
8810
}
8811
8812
fingerprint {
8813
OS_ID = "Linux Kernel 2.2.4"
8814
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8815
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8816
#Date: 13 July 2003
8817
#Modified: 13 July 2003
8818
8819
#Module A [ICMP ECHO Probe]
8820
icmp_echo_reply = y
8821
8822
8823
icmp_echo_code = !0
8824
icmp_echo_ip_id = !0
8825
icmp_echo_tos_bits = !0
8826
icmp_echo_df_bit = 0
8827
icmp_echo_reply_ttl = <255
8828
8829
#Module B [ICMP Timestamp Probe]
8830
icmp_timestamp_reply = y
8831
icmp_timestamp_reply_ttl = <255
8832
icmp_timestamp_reply_ip_id = !0
8833
8834
#Module C [ICMP Address Mask Request Probe]
8835
icmp_addrmask_reply = n
8836
icmp_addrmask_reply_ttl = <255
8837
icmp_addrmask_reply_ip_id = !0
8838
8839
#Module D [ICMP Information Request Probe]
8840
icmp_info_reply = n
8841
icmp_info_reply_ttl = <255
8842
icmp_info_reply_ip_id = !0
8843
8844
#Module E [UDP -> ICMP Unreachable probe]
8845
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8846
icmp_unreach_reply = y
8847
icmp_unreach_echoed_dtsize = >64
8848
icmp_unreach_reply_ttl = <255
8849
icmp_unreach_precedence_bits = 0xc0
8850
icmp_unreach_df_bit = 0
8851
icmp_unreach_ip_id = !0
8852
8853
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8854
icmp_unreach_echoed_udp_cksum = OK
8855
icmp_unreach_echoed_ip_cksum = OK
8856
icmp_unreach_echoed_ip_id = OK
8857
icmp_unreach_echoed_total_len = OK
8858
icmp_unreach_echoed_3bit_flags = OK
8859
8860
#Module F [TCP SYN | ACK Module]
8861
#IP header of the TCP SYN ACK
8862
tcp_syn_ack_tos = 0
8863
tcp_syn_ack_df = 1
8864
tcp_syn_ack_ip_id = !0
8865
tcp_syn_ack_ttl = <64
8866
8867
#Information from the TCP header
8868
tcp_syn_ack_ack = 1
8869
tcp_syn_ack_window_size = 32120
8870
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8871
tcp_syn_ack_wscale = 0
8872
tcp_syn_ack_tsval = !0
8873
tcp_syn_ack_tsecr = !0
8874
8875
#Module G [TCP RST|ACK]
8876
tcp_rst_reply = y
8877
tcp_rst_df = 0
8878
tcp_rst_ip_id_1 = !0
8879
tcp_rst_ip_id_2 = !0
8880
tcp_rst_ip_id_strategy = I
8881
tcp_rst_ttl = <255
8882
}
8883
8884
fingerprint {
8885
OS_ID = "Linux Kernel 2.2.3"
8886
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8887
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8888
#Date: 13 July 2003
8889
#Modified: 13 July 2003
8890
8891
#Module A [ICMP ECHO Probe]
8892
icmp_echo_reply = y
8893
8894
8895
icmp_echo_code = !0
8896
icmp_echo_ip_id = !0
8897
icmp_echo_tos_bits = !0
8898
icmp_echo_df_bit = 0
8899
icmp_echo_reply_ttl = <255
8900
8901
#Module B [ICMP Timestamp Probe]
8902
icmp_timestamp_reply = y
8903
icmp_timestamp_reply_ttl = <255
8904
icmp_timestamp_reply_ip_id = !0
8905
8906
#Module C [ICMP Address Mask Request Probe]
8907
icmp_addrmask_reply = n
8908
icmp_addrmask_reply_ttl = <255
8909
icmp_addrmask_reply_ip_id = !0
8910
8911
#Module D [ICMP Information Request Probe]
8912
icmp_info_reply = n
8913
icmp_info_reply_ttl = <255
8914
icmp_info_reply_ip_id = !0
8915
8916
#Module E [UDP -> ICMP Unreachable probe]
8917
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8918
icmp_unreach_reply = y
8919
icmp_unreach_echoed_dtsize = >64
8920
icmp_unreach_reply_ttl = <255
8921
icmp_unreach_precedence_bits = 0xc0
8922
icmp_unreach_df_bit = 0
8923
icmp_unreach_ip_id = !0
8924
8925
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8926
icmp_unreach_echoed_udp_cksum = OK
8927
icmp_unreach_echoed_ip_cksum = OK
8928
icmp_unreach_echoed_ip_id = OK
8929
icmp_unreach_echoed_total_len = OK
8930
icmp_unreach_echoed_3bit_flags = OK
8931
8932
#Module F [TCP SYN | ACK Module]
8933
#IP header of the TCP SYN ACK
8934
tcp_syn_ack_tos = 0
8935
tcp_syn_ack_df = 1
8936
tcp_syn_ack_ip_id = !0
8937
tcp_syn_ack_ttl = <64
8938
8939
#Information from the TCP header
8940
tcp_syn_ack_ack = 1
8941
tcp_syn_ack_window_size = 32120
8942
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
8943
tcp_syn_ack_wscale = 0
8944
tcp_syn_ack_tsval = !0
8945
tcp_syn_ack_tsecr = !0
8946
8947
#Module G [TCP RST|ACK]
8948
tcp_rst_reply = y
8949
tcp_rst_df = 0
8950
tcp_rst_ip_id_1 = !0
8951
tcp_rst_ip_id_2 = !0
8952
tcp_rst_ip_id_strategy = I
8953
tcp_rst_ttl = <255
8954
}
8955
8956
fingerprint {
8957
OS_ID = "Linux Kernel 2.2.2"
8958
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
8959
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
8960
#Date: 13 July 2003
8961
#Modified: 13 July 2003
8962
8963
#Module A [ICMP ECHO Probe]
8964
icmp_echo_reply = y
8965
8966
8967
icmp_echo_code = !0
8968
icmp_echo_ip_id = !0
8969
icmp_echo_tos_bits = !0
8970
icmp_echo_df_bit = 0
8971
icmp_echo_reply_ttl = <255
8972
8973
#Module B [ICMP Timestamp Probe]
8974
icmp_timestamp_reply = y
8975
icmp_timestamp_reply_ttl = <255
8976
icmp_timestamp_reply_ip_id = !0
8977
8978
#Module C [ICMP Address Mask Request Probe]
8979
icmp_addrmask_reply = n
8980
icmp_addrmask_reply_ttl = <255
8981
icmp_addrmask_reply_ip_id = !0
8982
8983
#Module D [ICMP Information Request Probe]
8984
icmp_info_reply = n
8985
icmp_info_reply_ttl = <255
8986
icmp_info_reply_ip_id = !0
8987
8988
#Module E [UDP -> ICMP Unreachable probe]
8989
#IP_Header_of_the_UDP_Port_Unreachable_error_message
8990
icmp_unreach_reply = y
8991
icmp_unreach_echoed_dtsize = >64
8992
icmp_unreach_reply_ttl = <255
8993
icmp_unreach_precedence_bits = 0xc0
8994
icmp_unreach_df_bit = 0
8995
icmp_unreach_ip_id = !0
8996
8997
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
8998
icmp_unreach_echoed_udp_cksum = OK
8999
icmp_unreach_echoed_ip_cksum = OK
9000
icmp_unreach_echoed_ip_id = OK
9001
icmp_unreach_echoed_total_len = OK
9002
icmp_unreach_echoed_3bit_flags = OK
9003
9004
#Module F [TCP SYN | ACK Module]
9005
#IP header of the TCP SYN ACK
9006
tcp_syn_ack_tos = 0
9007
tcp_syn_ack_df = 1
9008
tcp_syn_ack_ip_id = !0
9009
tcp_syn_ack_ttl = <64
9010
9011
#Information from the TCP header
9012
tcp_syn_ack_ack = 1
9013
tcp_syn_ack_window_size = 32120
9014
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
9015
tcp_syn_ack_wscale = 0
9016
tcp_syn_ack_tsval = !0
9017
tcp_syn_ack_tsecr = !0
9018
9019
#Module G [TCP RST|ACK]
9020
tcp_rst_reply = y
9021
tcp_rst_df = 0
9022
tcp_rst_ip_id_1 = !0
9023
tcp_rst_ip_id_2 = !0
9024
tcp_rst_ip_id_strategy = I
9025
tcp_rst_ttl = <255
9026
}
9027
9028
fingerprint {
9029
OS_ID = "Linux Kernel 2.2.1"
9030
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9031
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9032
#Date: 13 July 2003
9033
#Modified: 13 July 2003
9034
9035
#Module A [ICMP ECHO Probe]
9036
icmp_echo_reply = y
9037
9038
9039
icmp_echo_code = !0
9040
icmp_echo_ip_id = !0
9041
icmp_echo_tos_bits = !0
9042
icmp_echo_df_bit = 0
9043
icmp_echo_reply_ttl = <255
9044
9045
#Module B [ICMP Timestamp Probe]
9046
icmp_timestamp_reply = y
9047
icmp_timestamp_reply_ttl = <255
9048
icmp_timestamp_reply_ip_id = !0
9049
9050
#Module C [ICMP Address Mask Request Probe]
9051
icmp_addrmask_reply = n
9052
icmp_addrmask_reply_ttl = <255
9053
icmp_addrmask_reply_ip_id = !0
9054
9055
#Module D [ICMP Information Request Probe]
9056
icmp_info_reply = n
9057
icmp_info_reply_ttl = <255
9058
icmp_info_reply_ip_id = !0
9059
9060
#Module E [UDP -> ICMP Unreachable probe]
9061
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9062
icmp_unreach_reply = y
9063
icmp_unreach_echoed_dtsize = >64
9064
icmp_unreach_reply_ttl = <255
9065
icmp_unreach_precedence_bits = 0xc0
9066
icmp_unreach_df_bit = 0
9067
icmp_unreach_ip_id = !0
9068
9069
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9070
icmp_unreach_echoed_udp_cksum = OK
9071
icmp_unreach_echoed_ip_cksum = OK
9072
icmp_unreach_echoed_ip_id = OK
9073
icmp_unreach_echoed_total_len = OK
9074
icmp_unreach_echoed_3bit_flags = OK
9075
9076
#Module F [TCP SYN | ACK Module]
9077
#IP header of the TCP SYN ACK
9078
tcp_syn_ack_tos = 0
9079
tcp_syn_ack_df = 1
9080
tcp_syn_ack_ip_id = !0
9081
tcp_syn_ack_ttl = <64
9082
9083
#Information from the TCP header
9084
tcp_syn_ack_ack = 1
9085
tcp_syn_ack_window_size = 32120
9086
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
9087
tcp_syn_ack_wscale = 0
9088
tcp_syn_ack_tsval = !0
9089
tcp_syn_ack_tsecr = !0
9090
9091
#Module G [TCP RST|ACK]
9092
tcp_rst_reply = y
9093
tcp_rst_df = 0
9094
tcp_rst_ip_id_1 = !0
9095
tcp_rst_ip_id_2 = !0
9096
tcp_rst_ip_id_strategy = I
9097
tcp_rst_ttl = <255
9098
}
9099
9100
fingerprint {
9101
OS_ID = "Linux Kernel 2.2.0"
9102
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9103
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9104
#Date: 13 July 2003
9105
#Modified: 13 July 2003
9106
9107
#Module A [ICMP ECHO Probe]
9108
icmp_echo_reply = y
9109
9110
9111
icmp_echo_code = !0
9112
icmp_echo_ip_id = !0
9113
icmp_echo_tos_bits = !0
9114
icmp_echo_df_bit = 0
9115
icmp_echo_reply_ttl = <255
9116
9117
#Module B [ICMP Timestamp Probe]
9118
icmp_timestamp_reply = y
9119
icmp_timestamp_reply_ttl = <255
9120
icmp_timestamp_reply_ip_id = !0
9121
9122
#Module C [ICMP Address Mask Request Probe]
9123
icmp_addrmask_reply = n
9124
icmp_addrmask_reply_ttl = <255
9125
icmp_addrmask_reply_ip_id = !0
9126
9127
#Module D [ICMP Information Request Probe]
9128
icmp_info_reply = n
9129
icmp_info_reply_ttl = <255
9130
icmp_info_reply_ip_id = !0
9131
9132
#Module E [UDP -> ICMP Unreachable probe]
9133
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9134
icmp_unreach_reply = y
9135
icmp_unreach_echoed_dtsize = >64
9136
icmp_unreach_reply_ttl = <255
9137
icmp_unreach_precedence_bits = 0xc0
9138
icmp_unreach_df_bit = 0
9139
icmp_unreach_ip_id = !0
9140
9141
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9142
icmp_unreach_echoed_udp_cksum = OK
9143
icmp_unreach_echoed_ip_cksum = OK
9144
icmp_unreach_echoed_ip_id = OK
9145
icmp_unreach_echoed_total_len = OK
9146
icmp_unreach_echoed_3bit_flags = OK
9147
9148
#Module F [TCP SYN | ACK Module]
9149
#IP header of the TCP SYN ACK
9150
tcp_syn_ack_tos = 0
9151
tcp_syn_ack_df = 1
9152
tcp_syn_ack_ip_id = !0
9153
tcp_syn_ack_ttl = <64
9154
9155
#Information from the TCP header
9156
tcp_syn_ack_ack = 1
9157
tcp_syn_ack_window_size = 32120
9158
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
9159
tcp_syn_ack_wscale = 0
9160
tcp_syn_ack_tsval = !0
9161
tcp_syn_ack_tsecr = !0
9162
9163
#Module G [TCP RST|ACK]
9164
tcp_rst_reply = y
9165
tcp_rst_df = 0
9166
tcp_rst_ip_id_1 = !0
9167
tcp_rst_ip_id_2 = !0
9168
tcp_rst_ip_id_strategy = I
9169
tcp_rst_ttl = <255
9170
}
9171
9172
fingerprint {
9173
OS_ID = "Linux Kernel 2.0.36"
9174
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9175
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9176
#Date: 12 July 2003
9177
#Modified: 12 July 2003
9178
9179
#Module A [ICMP ECHO Probe]
9180
icmp_echo_reply = y
9181
9182
9183
icmp_echo_code = !0
9184
icmp_echo_ip_id = !0
9185
icmp_echo_tos_bits = !0
9186
icmp_echo_df_bit = 0
9187
icmp_echo_reply_ttl = <64
9188
9189
#Module B [ICMP Timestamp Probe]
9190
icmp_timestamp_reply = y
9191
icmp_timestamp_reply_ttl = <64
9192
icmp_timestamp_reply_ip_id = !0
9193
9194
#Module C [ICMP Address Mask Request Probe]
9195
icmp_addrmask_reply = n
9196
icmp_addrmask_reply_ttl = <64
9197
icmp_addrmask_reply_ip_id = !0
9198
9199
#Module D [ICMP Information Request Probe]
9200
icmp_info_reply = n
9201
icmp_info_reply_ttl = <64
9202
icmp_info_reply_ip_id = !0
9203
9204
#Module E [UDP -> ICMP Unreachable probe]
9205
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9206
icmp_unreach_reply = y
9207
icmp_unreach_echoed_dtsize = >64
9208
icmp_unreach_reply_ttl = <64
9209
icmp_unreach_precedence_bits = 0xc0
9210
icmp_unreach_df_bit = 0
9211
icmp_unreach_ip_id = !0
9212
9213
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9214
icmp_unreach_echoed_udp_cksum = OK
9215
icmp_unreach_echoed_ip_cksum = OK
9216
icmp_unreach_echoed_ip_id = OK
9217
icmp_unreach_echoed_total_len = OK
9218
icmp_unreach_echoed_3bit_flags = OK
9219
9220
#Module F [TCP SYN | ACK Module]
9221
#IP header of the TCP SYN ACK
9222
tcp_syn_ack_tos = 0
9223
tcp_syn_ack_df = 0
9224
tcp_syn_ack_ip_id = !0
9225
tcp_syn_ack_ttl = <64
9226
9227
#Information from the TCP header
9228
tcp_syn_ack_ack = 1
9229
tcp_syn_ack_window_size = 32736
9230
tcp_syn_ack_options_order = "MSS"
9231
tcp_syn_ack_wscale = NONE
9232
tcp_syn_ack_tsval = NONE
9233
tcp_syn_ack_tsecr = NONE
9234
9235
#Module G [TCP RST|ACK]
9236
tcp_rst_reply = y
9237
tcp_rst_df = 0
9238
tcp_rst_ip_id_1 = !0
9239
tcp_rst_ip_id_2 = !0
9240
tcp_rst_ip_id_strategy = I
9241
tcp_rst_ttl = <255
9242
}
9243
9244
fingerprint {
9245
OS_ID = "Linux Kernel 2.0.34"
9246
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9247
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9248
#Date: 12 July 2003
9249
#Modified: 12 July 2003
9250
9251
#Module A [ICMP ECHO Probe]
9252
icmp_echo_reply = y
9253
9254
9255
icmp_echo_code = !0
9256
icmp_echo_ip_id = !0
9257
icmp_echo_tos_bits = !0
9258
icmp_echo_df_bit = 0
9259
icmp_echo_reply_ttl = <64
9260
9261
#Module B [ICMP Timestamp Probe]
9262
icmp_timestamp_reply = y
9263
icmp_timestamp_reply_ttl = <64
9264
icmp_timestamp_reply_ip_id = !0
9265
9266
#Module C [ICMP Address Mask Request Probe]
9267
icmp_addrmask_reply = n
9268
icmp_addrmask_reply_ttl = <64
9269
icmp_addrmask_reply_ip_id = !0
9270
9271
#Module D [ICMP Information Request Probe]
9272
icmp_info_reply = n
9273
icmp_info_reply_ttl = <64
9274
icmp_info_reply_ip_id = !0
9275
9276
#Module E [UDP -> ICMP Unreachable probe]
9277
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9278
icmp_unreach_reply = y
9279
icmp_unreach_echoed_dtsize = >64
9280
icmp_unreach_reply_ttl = <64
9281
icmp_unreach_precedence_bits = 0xc0
9282
icmp_unreach_df_bit = 0
9283
icmp_unreach_ip_id = !0
9284
9285
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9286
icmp_unreach_echoed_udp_cksum = OK
9287
icmp_unreach_echoed_ip_cksum = OK
9288
icmp_unreach_echoed_ip_id = OK
9289
icmp_unreach_echoed_total_len = OK
9290
icmp_unreach_echoed_3bit_flags = OK
9291
9292
#Module F [TCP SYN | ACK Module]
9293
#IP header of the TCP SYN ACK
9294
tcp_syn_ack_tos = 0
9295
tcp_syn_ack_df = 0
9296
tcp_syn_ack_ip_id = !0
9297
tcp_syn_ack_ttl = <64
9298
9299
#Information from the TCP header
9300
tcp_syn_ack_ack = 1
9301
tcp_syn_ack_window_size = 32736
9302
tcp_syn_ack_options_order = "MSS"
9303
tcp_syn_ack_wscale = NONE
9304
tcp_syn_ack_tsval = NONE
9305
tcp_syn_ack_tsecr = NONE
9306
9307
#Module G [TCP RST|ACK]
9308
tcp_rst_reply = y
9309
tcp_rst_df = 0
9310
tcp_rst_ip_id_1 = !0
9311
tcp_rst_ip_id_2 = !0
9312
tcp_rst_ip_id_strategy = I
9313
tcp_rst_ttl = <255
9314
}
9315
9316
fingerprint {
9317
OS_ID = "Linux Kernel 2.0.30"
9318
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9319
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9320
#Date: 12 July 2003
9321
#Modified: 12 July 2003
9322
9323
#Module A [ICMP ECHO Probe]
9324
icmp_echo_reply = y
9325
9326
9327
icmp_echo_code = !0
9328
icmp_echo_ip_id = !0
9329
icmp_echo_tos_bits = !0
9330
icmp_echo_df_bit = 0
9331
icmp_echo_reply_ttl = <64
9332
9333
#Module B [ICMP Timestamp Probe]
9334
icmp_timestamp_reply = y
9335
icmp_timestamp_reply_ttl = <64
9336
icmp_timestamp_reply_ip_id = !0
9337
9338
#Module C [ICMP Address Mask Request Probe]
9339
icmp_addrmask_reply = n
9340
icmp_addrmask_reply_ttl = <64
9341
icmp_addrmask_reply_ip_id = !0
9342
9343
#Module D [ICMP Information Request Probe]
9344
icmp_info_reply = n
9345
icmp_info_reply_ttl = <64
9346
icmp_info_reply_ip_id = !0
9347
9348
#Module E [UDP -> ICMP Unreachable probe]
9349
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9350
icmp_unreach_reply = y
9351
icmp_unreach_echoed_dtsize = >64
9352
icmp_unreach_reply_ttl = <64
9353
icmp_unreach_precedence_bits = 0xc0
9354
icmp_unreach_df_bit = 0
9355
icmp_unreach_ip_id = !0
9356
9357
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9358
icmp_unreach_echoed_udp_cksum = OK
9359
icmp_unreach_echoed_ip_cksum = OK
9360
icmp_unreach_echoed_ip_id = OK
9361
icmp_unreach_echoed_total_len = OK
9362
icmp_unreach_echoed_3bit_flags = OK
9363
9364
#Module F [TCP SYN | ACK Module]
9365
#IP header of the TCP SYN ACK
9366
tcp_syn_ack_tos = 0
9367
tcp_syn_ack_df = 0
9368
tcp_syn_ack_ip_id = !0
9369
tcp_syn_ack_ttl = <64
9370
9371
#Information from the TCP header
9372
tcp_syn_ack_ack = 1
9373
tcp_syn_ack_window_size = 32736
9374
tcp_syn_ack_options_order = "MSS"
9375
tcp_syn_ack_wscale = NONE
9376
tcp_syn_ack_tsval = NONE
9377
tcp_syn_ack_tsecr = NONE
9378
9379
#Module G [TCP RST|ACK]
9380
tcp_rst_reply = y
9381
tcp_rst_df = 0
9382
tcp_rst_ip_id_1 = !0
9383
tcp_rst_ip_id_2 = !0
9384
tcp_rst_ip_id_strategy = I
9385
tcp_rst_ttl = <255
9386
}
9387
9388
9389
#Microsoft
9390
9391
fingerprint {
9392
OS_ID = "Microsoft Windows 2003 Server Enterprise Edition"
9393
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9394
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9395
#Date: 14 July 2003
9396
#Modified: 14 July 2003
9397
9398
#Module A
9399
icmp_echo_reply = y
9400
9401
9402
icmp_echo_code = 0
9403
icmp_echo_ip_id = !0
9404
icmp_echo_tos_bits = 0
9405
icmp_echo_df_bit = 1
9406
icmp_echo_reply_ttl = < 128
9407
9408
#Module B
9409
icmp_timestamp_reply = y
9410
icmp_timestamp_reply_ttl = <128
9411
icmp_timestamp_reply_ip_id = !0
9412
9413
#Module C
9414
icmp_addrmask_reply = n
9415
icmp_addrmask_reply_ttl = <128
9416
icmp_addrmask_reply_ip_id = !0
9417
9418
#Module D
9419
icmp_info_reply = n
9420
icmp_info_reply_ttl = <128
9421
icmp_info_reply_ip_id = !0
9422
9423
#Module E
9424
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9425
icmp_unreach_reply = y
9426
icmp_unreach_echoed_dtsize = >64
9427
icmp_unreach_reply_ttl = <128
9428
icmp_unreach_precedence_bits = 0
9429
icmp_unreach_df_bit = 0
9430
icmp_unreach_ip_id = !0
9431
9432
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9433
icmp_unreach_echoed_udp_cksum = OK
9434
icmp_unreach_echoed_ip_cksum = OK
9435
icmp_unreach_echoed_ip_id = OK
9436
icmp_unreach_echoed_total_len = OK
9437
icmp_unreach_echoed_3bit_flags = OK
9438
9439
#Module F [TCP SYN | ACK Module]
9440
#IP header of the TCP SYN | ACK
9441
tcp_syn_ack_tos = 0
9442
tcp_syn_ack_df = 1
9443
tcp_syn_ack_ip_id = !0
9444
tcp_syn_ack_ttl = <128
9445
9446
#Information from the TCP header
9447
tcp_syn_ack_ack = 1
9448
tcp_syn_ack_window_size = 65535,64240,17520
9449
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9450
tcp_syn_ack_wscale = 0
9451
tcp_syn_ack_tsval = 0
9452
tcp_syn_ack_tsecr = 0
9453
9454
#Module G [TCP RST|ACK]
9455
tcp_rst_reply = y
9456
tcp_rst_df = 0
9457
tcp_rst_ip_id_1 = !0
9458
tcp_rst_ip_id_2 = !0
9459
tcp_rst_ip_id_strategy = I
9460
tcp_rst_ttl = <128
9461
}
9462
9463
9464
fingerprint {
9465
OS_ID = "Microsoft Windows 2003 Server Standard Edition"
9466
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9467
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9468
#Date: 14 July 2003
9469
#Modified: 14 July 2003
9470
9471
#Module A
9472
icmp_echo_reply = y
9473
9474
9475
icmp_echo_code = 0
9476
icmp_echo_ip_id = !0
9477
icmp_echo_tos_bits = 0
9478
icmp_echo_df_bit = 1
9479
icmp_echo_reply_ttl = < 128
9480
9481
#Module B
9482
icmp_timestamp_reply = y
9483
icmp_timestamp_reply_ttl = <128
9484
icmp_timestamp_reply_ip_id = !0
9485
9486
#Module C
9487
icmp_addrmask_reply = n
9488
icmp_addrmask_reply_ttl = <128
9489
icmp_addrmask_reply_ip_id = !0
9490
9491
#Module D
9492
icmp_info_reply = n
9493
icmp_info_reply_ttl = <128
9494
icmp_info_reply_ip_id = !0
9495
9496
#Module E
9497
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9498
icmp_unreach_reply = y
9499
icmp_unreach_echoed_dtsize = >64
9500
icmp_unreach_reply_ttl = <128
9501
icmp_unreach_precedence_bits = 0
9502
icmp_unreach_df_bit = 0
9503
icmp_unreach_ip_id = !0
9504
9505
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9506
icmp_unreach_echoed_udp_cksum = OK
9507
icmp_unreach_echoed_ip_cksum = OK
9508
icmp_unreach_echoed_ip_id = OK
9509
icmp_unreach_echoed_total_len = OK
9510
icmp_unreach_echoed_3bit_flags = OK
9511
9512
#Module F [TCP SYN | ACK Module]
9513
#IP header of the TCP SYN | ACK
9514
tcp_syn_ack_tos = 0
9515
tcp_syn_ack_df = 1
9516
tcp_syn_ack_ip_id = !0
9517
tcp_syn_ack_ttl = <128
9518
9519
#Information from the TCP header
9520
tcp_syn_ack_ack = 1
9521
tcp_syn_ack_window_size = 65535,64240,17520
9522
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9523
tcp_syn_ack_wscale = 0
9524
tcp_syn_ack_tsval = 0
9525
tcp_syn_ack_tsecr = 0
9526
9527
#Module G [TCP RST|ACK]
9528
tcp_rst_reply = y
9529
tcp_rst_df = 0
9530
tcp_rst_ip_id_1 = !0
9531
tcp_rst_ip_id_2 = !0
9532
tcp_rst_ip_id_strategy = I
9533
tcp_rst_ttl = <128
9534
}
9535
9536
fingerprint {
9537
OS_ID = "Microsoft Windows XP SP2"
9538
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9539
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9540
#Date: 13 December 2004
9541
#Modified: -
9542
9543
#Module A
9544
icmp_echo_reply = y
9545
9546
9547
icmp_echo_code = 0
9548
icmp_echo_ip_id = !0
9549
icmp_echo_tos_bits = 0
9550
icmp_echo_df_bit = 1
9551
icmp_echo_reply_ttl = < 128
9552
9553
#Module B
9554
icmp_timestamp_reply = y
9555
icmp_timestamp_reply_ttl = <128
9556
icmp_timestamp_reply_ip_id = !0
9557
9558
#Module C
9559
icmp_addrmask_reply = n
9560
icmp_addrmask_reply_ttl = <128
9561
icmp_addrmask_reply_ip_id = !0
9562
9563
#Module D
9564
icmp_info_reply = n
9565
icmp_info_reply_ttl = <128
9566
icmp_info_reply_ip_id = !0
9567
9568
#Module E
9569
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9570
icmp_unreach_echoed_dtsize = >64
9571
icmp_unreach_reply_ttl = <128
9572
icmp_unreach_precedence_bits = 0
9573
icmp_unreach_df_bit = 0
9574
icmp_unreach_ip_id = !0
9575
9576
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9577
icmp_unreach_reply = y
9578
icmp_unreach_echoed_udp_cksum = OK
9579
icmp_unreach_echoed_ip_cksum = OK
9580
icmp_unreach_echoed_ip_id = OK
9581
icmp_unreach_echoed_total_len = OK
9582
icmp_unreach_echoed_3bit_flags = OK
9583
9584
#Module F [TCP SYN | ACK Module]
9585
#IP header of the TCP SYN | ACK
9586
tcp_syn_ack_tos = 0
9587
tcp_syn_ack_df = 1
9588
tcp_syn_ack_ip_id = !0
9589
tcp_syn_ack_ttl = <128
9590
9591
#Information from the TCP header
9592
tcp_syn_ack_ack = 1
9593
tcp_syn_ack_window_size = 65535
9594
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9595
tcp_syn_ack_wscale = 0
9596
tcp_syn_ack_tsval = 0
9597
tcp_syn_ack_tsecr = 0
9598
9599
#Module G [TCP RST|ACK]
9600
tcp_rst_reply = y
9601
tcp_rst_df = 0
9602
tcp_rst_ip_id_1 = !0
9603
tcp_rst_ip_id_2 = !0
9604
tcp_rst_ip_id_strategy = I
9605
tcp_rst_ttl = <128
9606
}
9607
9608
fingerprint {
9609
OS_ID = "Microsoft Windows XP SP1"
9610
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9611
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9612
#Date: 19 December 2004
9613
#Modified:
9614
9615
#Module A
9616
icmp_echo_reply = y
9617
9618
9619
icmp_echo_code = 0
9620
icmp_echo_ip_id = !0
9621
icmp_echo_tos_bits = 0
9622
icmp_echo_df_bit = 1
9623
icmp_echo_reply_ttl = < 128
9624
9625
#Module B
9626
icmp_timestamp_reply = y
9627
icmp_timestamp_reply_ttl = <128
9628
icmp_timestamp_reply_ip_id = !0
9629
9630
#Module C
9631
icmp_addrmask_reply = n
9632
icmp_addrmask_reply_ttl = <128
9633
icmp_addrmask_reply_ip_id = !0
9634
9635
#Module D
9636
icmp_info_reply = n
9637
icmp_info_reply_ttl = <128
9638
icmp_info_reply_ip_id = !0
9639
9640
#Module E
9641
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9642
icmp_unreach_reply = y
9643
icmp_unreach_echoed_dtsize = 8
9644
icmp_unreach_reply_ttl = <128
9645
icmp_unreach_precedence_bits = 0
9646
icmp_unreach_df_bit = 0
9647
icmp_unreach_ip_id = !0
9648
9649
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9650
icmp_unreach_echoed_udp_cksum = OK
9651
icmp_unreach_echoed_ip_cksum = OK
9652
icmp_unreach_echoed_ip_id = OK
9653
icmp_unreach_echoed_total_len = OK
9654
icmp_unreach_echoed_3bit_flags = OK
9655
9656
#Module F [TCP SYN | ACK Module]
9657
#IP header of the TCP SYN | ACK
9658
tcp_syn_ack_tos = 0
9659
tcp_syn_ack_df = 1
9660
tcp_syn_ack_ip_id = !0
9661
tcp_syn_ack_ttl = <128
9662
9663
#Information from the TCP header
9664
tcp_syn_ack_ack = 1
9665
tcp_syn_ack_window_size = 64240,17520
9666
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9667
tcp_syn_ack_wscale = 0
9668
tcp_syn_ack_tsval = 0
9669
tcp_syn_ack_tsecr = 0
9670
9671
#Module G [TCP RST|ACK]
9672
tcp_rst_reply = y
9673
tcp_rst_df = 0
9674
tcp_rst_ip_id_1 = !0
9675
tcp_rst_ip_id_2 = !0
9676
tcp_rst_ip_id_strategy = I
9677
tcp_rst_ttl = <128
9678
}
9679
9680
9681
fingerprint {
9682
OS_ID = "Microsoft Windows XP"
9683
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9684
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9685
#Date: 19 December 2004
9686
#Modified:
9687
9688
#Module A
9689
icmp_echo_reply = y
9690
9691
9692
icmp_echo_code = 0
9693
icmp_echo_ip_id = !0
9694
icmp_echo_tos_bits = 0
9695
icmp_echo_df_bit = 1
9696
icmp_echo_reply_ttl = < 128
9697
9698
#Module B
9699
icmp_timestamp_reply = y
9700
icmp_timestamp_reply_ttl = <128
9701
icmp_timestamp_reply_ip_id = !0
9702
9703
#Module C
9704
icmp_addrmask_reply = n
9705
icmp_addrmask_reply_ttl = <128
9706
icmp_addrmask_reply_ip_id = !0
9707
9708
#Module D
9709
icmp_info_reply = n
9710
icmp_info_reply_ttl = <128
9711
icmp_info_reply_ip_id = !0
9712
9713
#Module E
9714
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9715
icmp_unreach_reply = y
9716
icmp_unreach_echoed_dtsize = 8
9717
icmp_unreach_reply_ttl = <128
9718
icmp_unreach_precedence_bits = 0
9719
icmp_unreach_df_bit = 0
9720
icmp_unreach_ip_id = !0
9721
9722
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9723
icmp_unreach_echoed_udp_cksum = OK
9724
icmp_unreach_echoed_ip_cksum = OK
9725
icmp_unreach_echoed_ip_id = OK
9726
icmp_unreach_echoed_total_len = OK
9727
icmp_unreach_echoed_3bit_flags = OK
9728
9729
#Module F [TCP SYN | ACK Module]
9730
#IP header of the TCP SYN | ACK
9731
tcp_syn_ack_tos = 0
9732
tcp_syn_ack_df = 1
9733
tcp_syn_ack_ip_id = !0
9734
tcp_syn_ack_ttl = <128
9735
9736
#Information from the TCP header
9737
tcp_syn_ack_ack = 1
9738
tcp_syn_ack_window_size = 64240,17520
9739
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9740
tcp_syn_ack_wscale = 0
9741
tcp_syn_ack_tsval = 0
9742
tcp_syn_ack_tsecr = 0
9743
9744
#Module G [TCP RST|ACK]
9745
tcp_rst_reply = y
9746
tcp_rst_df = 0
9747
tcp_rst_ip_id_1 = !0
9748
tcp_rst_ip_id_2 = !0
9749
tcp_rst_ip_id_strategy = I
9750
tcp_rst_ttl = <128
9751
}
9752
9753
fingerprint {
9754
OS_ID = "Microsoft Windows 2000 Server Service Pack 4"
9755
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9756
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9757
#Date: 02 July 2003
9758
#Modified: 02 July 2003
9759
9760
#Module A
9761
icmp_echo_reply = y
9762
9763
icmp_echo_code = 0
9764
icmp_echo_ip_id = !0
9765
icmp_echo_tos_bits = 0
9766
icmp_echo_df_bit = 1
9767
icmp_echo_reply_ttl = < 128
9768
9769
#Module B
9770
icmp_timestamp_reply = y
9771
icmp_timestamp_reply_ttl = <128
9772
icmp_timestamp_reply_ip_id = !0
9773
9774
#Module C
9775
icmp_addrmask_reply = n
9776
icmp_addrmask_reply_ttl = <128
9777
icmp_addrmask_reply_ip_id = !0
9778
9779
#Module D
9780
icmp_info_reply = n
9781
icmp_info_reply_ttl = <128
9782
icmp_info_reply_ip_id = !0
9783
9784
#Module E
9785
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9786
icmp_unreach_reply = y
9787
icmp_unreach_echoed_dtsize = 8
9788
icmp_unreach_reply_ttl = <128
9789
icmp_unreach_precedence_bits = 0
9790
icmp_unreach_df_bit = 0
9791
icmp_unreach_ip_id = !0
9792
9793
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9794
icmp_unreach_echoed_udp_cksum = OK
9795
icmp_unreach_echoed_ip_cksum = OK
9796
icmp_unreach_echoed_ip_id = OK
9797
icmp_unreach_echoed_total_len = OK
9798
icmp_unreach_echoed_3bit_flags = OK
9799
9800
#Module F [TCP SYN | ACK Module]
9801
#IP header of the TCP SYN | ACK
9802
tcp_syn_ack_tos = 0
9803
tcp_syn_ack_df = 1
9804
tcp_syn_ack_ip_id = !0
9805
tcp_syn_ack_ttl = <128
9806
9807
#Information from the TCP header
9808
tcp_syn_ack_ack = 1
9809
tcp_syn_ack_window_size = 65535,64240,17520
9810
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9811
tcp_syn_ack_wscale = 0
9812
tcp_syn_ack_tsval = 0
9813
tcp_syn_ack_tsecr = 0
9814
9815
#Module G [TCP RST|ACK]
9816
tcp_rst_reply = y
9817
tcp_rst_df = 0
9818
tcp_rst_ip_id_1 = !0
9819
tcp_rst_ip_id_2 = !0
9820
tcp_rst_ip_id_strategy = I
9821
tcp_rst_ttl = <128
9822
}
9823
9824
fingerprint {
9825
OS_ID = "Microsoft Windows 2000 Server Service Pack 3"
9826
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9827
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9828
#Date: 20 March 2003
9829
#Modified: 02 July 2003
9830
9831
#Module A
9832
icmp_echo_reply = y
9833
9834
9835
icmp_echo_code = 0
9836
icmp_echo_ip_id = !0
9837
icmp_echo_tos_bits = 0
9838
icmp_echo_df_bit = 1
9839
icmp_echo_reply_ttl = < 128
9840
9841
#Module B
9842
icmp_timestamp_reply = y
9843
icmp_timestamp_reply_ttl = <128
9844
icmp_timestamp_reply_ip_id = !0
9845
9846
#Module C
9847
icmp_addrmask_reply = n
9848
icmp_addrmask_reply_ttl = <128
9849
icmp_addrmask_reply_ip_id = !0
9850
9851
#Module D
9852
icmp_info_reply = n
9853
icmp_info_reply_ttl = <128
9854
icmp_info_reply_ip_id = !0
9855
9856
#Module E
9857
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9858
icmp_unreach_reply = y
9859
icmp_unreach_echoed_dtsize = 8
9860
icmp_unreach_reply_ttl = <128
9861
icmp_unreach_precedence_bits = 0
9862
icmp_unreach_df_bit = 0
9863
icmp_unreach_ip_id = !0
9864
9865
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9866
icmp_unreach_echoed_udp_cksum = OK
9867
icmp_unreach_echoed_ip_cksum = OK
9868
icmp_unreach_echoed_ip_id = OK
9869
icmp_unreach_echoed_total_len = OK
9870
icmp_unreach_echoed_3bit_flags = OK
9871
9872
#Module F [TCP SYN | ACK Module]
9873
#IP header of the TCP SYN | ACK
9874
tcp_syn_ack_tos = 0
9875
tcp_syn_ack_df = 1
9876
tcp_syn_ack_ip_id = !0
9877
tcp_syn_ack_ttl = <128
9878
9879
#Information from the TCP header
9880
tcp_syn_ack_ack = 1
9881
tcp_syn_ack_window_size = 64240,17520
9882
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9883
tcp_syn_ack_wscale = 0
9884
tcp_syn_ack_tsval = 0
9885
tcp_syn_ack_tsecr = 0
9886
9887
#Module G [TCP RST|ACK]
9888
tcp_rst_reply = y
9889
tcp_rst_df = 0
9890
tcp_rst_ip_id_1 = !0
9891
tcp_rst_ip_id_2 = !0
9892
tcp_rst_ip_id_strategy = I
9893
tcp_rst_ttl = <128
9894
}
9895
9896
fingerprint {
9897
OS_ID = "Microsoft Windows 2000 Server Service Pack 2"
9898
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9899
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9900
#Date: 20 July 2002
9901
#Modified: 02 July 2003
9902
9903
#Module A
9904
icmp_echo_reply = y
9905
9906
9907
icmp_echo_code = 0
9908
icmp_echo_ip_id = !0
9909
icmp_echo_tos_bits = 0
9910
icmp_echo_df_bit = 1
9911
icmp_echo_reply_ttl = < 128
9912
9913
#Module B
9914
icmp_timestamp_reply = y
9915
icmp_timestamp_reply_ttl = <128
9916
icmp_timestamp_reply_ip_id = !0
9917
9918
#Module C
9919
icmp_addrmask_reply = n
9920
icmp_addrmask_reply_ttl = <128
9921
icmp_addrmask_reply_ip_id = !0
9922
9923
#Module D
9924
icmp_info_reply = n
9925
icmp_info_reply_ttl = <128
9926
icmp_info_reply_ip_id = !0
9927
9928
#Module E
9929
#IP_Header_of_the_UDP_Port_Unreachable_error_message
9930
icmp_unreach_reply = y
9931
icmp_unreach_echoed_dtsize = 8
9932
icmp_unreach_reply_ttl = <128
9933
icmp_unreach_precedence_bits = 0
9934
icmp_unreach_df_bit = 0
9935
icmp_unreach_ip_id = !0
9936
9937
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
9938
icmp_unreach_echoed_udp_cksum = OK
9939
icmp_unreach_echoed_ip_cksum = OK
9940
icmp_unreach_echoed_ip_id = OK
9941
icmp_unreach_echoed_total_len = OK
9942
icmp_unreach_echoed_3bit_flags = OK
9943
9944
#Module F [TCP SYN | ACK Module]
9945
#IP header of the TCP SYN | ACK
9946
tcp_syn_ack_tos = 0
9947
tcp_syn_ack_df = 1
9948
tcp_syn_ack_ip_id = !0
9949
tcp_syn_ack_ttl = <128
9950
9951
#Information from the TCP header
9952
tcp_syn_ack_ack = 1
9953
tcp_syn_ack_window_size = 17520
9954
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
9955
tcp_syn_ack_wscale = 0
9956
tcp_syn_ack_tsval = 0
9957
tcp_syn_ack_tsecr = 0
9958
9959
#Module G [TCP RST|ACK]
9960
tcp_rst_reply = y
9961
tcp_rst_df = 0
9962
tcp_rst_ip_id_1 = !0
9963
tcp_rst_ip_id_2 = !0
9964
tcp_rst_ip_id_strategy = I
9965
tcp_rst_ttl = <128
9966
}
9967
9968
fingerprint {
9969
OS_ID = "Microsoft Windows 2000 Server Service Pack 1"
9970
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
9971
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
9972
#Date: 20 July 2002
9973
#Modified: 02 July 2003
9974
9975
#Module A
9976
icmp_echo_reply = y
9977
9978
9979
icmp_echo_code = 0
9980
icmp_echo_ip_id = !0
9981
icmp_echo_tos_bits = 0
9982
icmp_echo_df_bit = 1
9983
icmp_echo_reply_ttl = < 128
9984
9985
#Module B
9986
icmp_timestamp_reply = y
9987
icmp_timestamp_reply_ttl = <128
9988
icmp_timestamp_reply_ip_id = !0
9989
9990
#Module C
9991
icmp_addrmask_reply = n
9992
icmp_addrmask_reply_ttl = <128
9993
icmp_addrmask_reply_ip_id = !0
9994
9995
#Module D
9996
icmp_info_reply = n
9997
icmp_info_reply_ttl = <128
9998
icmp_info_reply_ip_id = !0
9999
10000
#Module E
10001
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10002
icmp_unreach_reply = y
10003
icmp_unreach_echoed_dtsize = 8
10004
icmp_unreach_reply_ttl = <128
10005
icmp_unreach_precedence_bits = 0
10006
icmp_unreach_df_bit = 0
10007
icmp_unreach_ip_id = !0
10008
10009
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10010
icmp_unreach_echoed_udp_cksum = OK
10011
icmp_unreach_echoed_ip_cksum = OK
10012
icmp_unreach_echoed_ip_id = OK
10013
icmp_unreach_echoed_total_len = OK
10014
icmp_unreach_echoed_3bit_flags = OK
10015
10016
#Module F [TCP SYN | ACK Module]
10017
#IP header of the TCP SYN | ACK
10018
tcp_syn_ack_tos = 0
10019
tcp_syn_ack_df = 1
10020
tcp_syn_ack_ip_id = !0
10021
tcp_syn_ack_ttl = <128
10022
10023
#Information from the TCP header
10024
tcp_syn_ack_ack = 1
10025
tcp_syn_ack_window_size = 17520
10026
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10027
tcp_syn_ack_wscale = 0
10028
tcp_syn_ack_tsval = 0
10029
tcp_syn_ack_tsecr = 0
10030
10031
#Module G [TCP RST|ACK]
10032
tcp_rst_reply = y
10033
tcp_rst_df = 0
10034
tcp_rst_ip_id_1 = !0
10035
tcp_rst_ip_id_2 = !0
10036
tcp_rst_ip_id_strategy = I
10037
tcp_rst_ttl = <128
10038
}
10039
10040
fingerprint {
10041
OS_ID = "Microsoft Windows 2000 Server"
10042
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10043
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10044
#Date: 20 July 2002
10045
#Modified: 30 June 2003
10046
10047
#Module A
10048
icmp_echo_reply = y
10049
10050
10051
icmp_echo_code = 0
10052
icmp_echo_ip_id = !0
10053
icmp_echo_tos_bits = 0
10054
icmp_echo_df_bit = 1
10055
icmp_echo_reply_ttl = < 128
10056
10057
#Module B
10058
icmp_timestamp_reply = y
10059
icmp_timestamp_reply_ttl = <128
10060
icmp_timestamp_reply_ip_id = !0
10061
10062
#Module C
10063
icmp_addrmask_reply = n
10064
icmp_addrmask_reply_ttl = <128
10065
icmp_addrmask_reply_ip_id = !0
10066
10067
#Module D
10068
icmp_info_reply = n
10069
icmp_info_reply_ttl = <128
10070
icmp_info_reply_ip_id = !0
10071
10072
#Module E
10073
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10074
icmp_unreach_reply = y
10075
icmp_unreach_echoed_dtsize = 8
10076
icmp_unreach_reply_ttl = <128
10077
icmp_unreach_precedence_bits = 0
10078
icmp_unreach_df_bit = 0
10079
icmp_unreach_ip_id = !0
10080
10081
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10082
icmp_unreach_echoed_udp_cksum = OK
10083
icmp_unreach_echoed_ip_cksum = OK
10084
icmp_unreach_echoed_ip_id = OK
10085
icmp_unreach_echoed_total_len = OK
10086
icmp_unreach_echoed_3bit_flags = OK
10087
10088
#Module F [TCP SYN | ACK Module]
10089
#IP header of the TCP SYN | ACK
10090
tcp_syn_ack_tos = 0
10091
tcp_syn_ack_df = 1
10092
tcp_syn_ack_ip_id = !0
10093
tcp_syn_ack_ttl = <128
10094
10095
#Information from the TCP header
10096
tcp_syn_ack_ack = 1
10097
tcp_syn_ack_window_size = 17520
10098
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10099
tcp_syn_ack_wscale = 0
10100
tcp_syn_ack_tsval = 0
10101
tcp_syn_ack_tsecr = 0
10102
10103
#Module G [TCP RST|ACK]
10104
tcp_rst_reply = y
10105
tcp_rst_df = 0
10106
tcp_rst_ip_id_1 = !0
10107
tcp_rst_ip_id_2 = !0
10108
tcp_rst_ip_id_strategy = I
10109
tcp_rst_ttl = <128
10110
}
10111
10112
fingerprint {
10113
OS_ID = "Microsoft Windows 2000 Workstation SP4"
10114
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10115
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10116
#Date: 20 July 2002
10117
#Modified: 30 June 2003
10118
10119
#Module A
10120
icmp_echo_reply = y
10121
10122
10123
icmp_echo_code = 0
10124
icmp_echo_ip_id = !0
10125
icmp_echo_tos_bits = 0
10126
icmp_echo_df_bit = 1
10127
icmp_echo_reply_ttl = < 128
10128
10129
#Module B
10130
icmp_timestamp_reply = y
10131
icmp_timestamp_reply_ttl = <128
10132
icmp_timestamp_reply_ip_id = !0
10133
10134
#Module C
10135
icmp_addrmask_reply = n
10136
icmp_addrmask_reply_ttl = <128
10137
icmp_addrmask_reply_ip_id = !0
10138
10139
#Module D
10140
icmp_info_reply = n
10141
icmp_info_reply_ttl = <128
10142
icmp_info_reply_ip_id = !0
10143
10144
#Module E
10145
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10146
icmp_unreach_reply = y
10147
icmp_unreach_echoed_dtsize = 8
10148
icmp_unreach_reply_ttl = <128
10149
icmp_unreach_precedence_bits = 0
10150
icmp_unreach_df_bit = 0
10151
icmp_unreach_ip_id = !0
10152
10153
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10154
icmp_unreach_echoed_udp_cksum = OK
10155
icmp_unreach_echoed_ip_cksum = OK
10156
icmp_unreach_echoed_ip_id = OK
10157
icmp_unreach_echoed_total_len = OK
10158
icmp_unreach_echoed_3bit_flags = OK
10159
10160
#Module F [TCP SYN | ACK Module]
10161
#IP header of the TCP SYN | ACK
10162
tcp_syn_ack_tos = 0
10163
tcp_syn_ack_df = 1
10164
tcp_syn_ack_ip_id = !0
10165
tcp_syn_ack_ttl = <128
10166
10167
#Information from the TCP header
10168
tcp_syn_ack_ack = 1
10169
tcp_syn_ack_window_size = 17520
10170
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10171
tcp_syn_ack_wscale = 0
10172
tcp_syn_ack_tsval = 0
10173
tcp_syn_ack_tsecr = 0
10174
10175
#Module G [TCP RST|ACK]
10176
tcp_rst_reply = y
10177
tcp_rst_df = 0
10178
tcp_rst_ip_id_1 = !0
10179
tcp_rst_ip_id_2 = !0
10180
tcp_rst_ip_id_strategy = I
10181
tcp_rst_ttl = <128
10182
}
10183
10184
fingerprint {
10185
OS_ID = "Microsoft Windows 2000 Workstation SP3"
10186
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10187
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10188
#Date: 20 July 2002
10189
#Modified: 30 June 2003
10190
10191
#Module A
10192
icmp_echo_reply = y
10193
10194
10195
icmp_echo_code = 0
10196
icmp_echo_ip_id = !0
10197
icmp_echo_tos_bits = 0
10198
icmp_echo_df_bit = 1
10199
icmp_echo_reply_ttl = < 128
10200
10201
#Module B
10202
icmp_timestamp_reply = y
10203
icmp_timestamp_reply_ttl = <128
10204
icmp_timestamp_reply_ip_id = !0
10205
10206
#Module C
10207
icmp_addrmask_reply = n
10208
icmp_addrmask_reply_ttl = <128
10209
icmp_addrmask_reply_ip_id = !0
10210
10211
#Module D
10212
icmp_info_reply = n
10213
icmp_info_reply_ttl = <128
10214
icmp_info_reply_ip_id = !0
10215
10216
#Module E
10217
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10218
icmp_unreach_reply = y
10219
icmp_unreach_echoed_dtsize = 8
10220
icmp_unreach_reply_ttl = <128
10221
icmp_unreach_precedence_bits = 0
10222
icmp_unreach_df_bit = 0
10223
icmp_unreach_ip_id = !0
10224
10225
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10226
icmp_unreach_echoed_udp_cksum = OK
10227
icmp_unreach_echoed_ip_cksum = OK
10228
icmp_unreach_echoed_ip_id = OK
10229
icmp_unreach_echoed_total_len = OK
10230
icmp_unreach_echoed_3bit_flags = OK
10231
10232
#Module F [TCP SYN | ACK Module]
10233
#IP header of the TCP SYN | ACK
10234
tcp_syn_ack_tos = 0
10235
tcp_syn_ack_df = 1
10236
tcp_syn_ack_ip_id = !0
10237
tcp_syn_ack_ttl = <128
10238
10239
#Information from the TCP header
10240
tcp_syn_ack_ack = 1
10241
tcp_syn_ack_window_size = 17520
10242
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10243
tcp_syn_ack_wscale = 0
10244
tcp_syn_ack_tsval = 0
10245
tcp_syn_ack_tsecr = 0
10246
10247
#Module G [TCP RST|ACK]
10248
tcp_rst_reply = y
10249
tcp_rst_df = 0
10250
tcp_rst_ip_id_1 = !0
10251
tcp_rst_ip_id_2 = !0
10252
tcp_rst_ip_id_strategy = I
10253
tcp_rst_ttl = <128
10254
}
10255
10256
fingerprint {
10257
OS_ID = "Microsoft Windows 2000 Workstation SP2"
10258
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10259
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10260
#Date: 20 July 2002
10261
#Modified: 30 June 2003
10262
10263
#Module A
10264
icmp_echo_reply = y
10265
10266
10267
icmp_echo_code = 0
10268
icmp_echo_ip_id = !0
10269
icmp_echo_tos_bits = 0
10270
icmp_echo_df_bit = 1
10271
icmp_echo_reply_ttl = < 128
10272
10273
#Module B
10274
icmp_timestamp_reply = y
10275
icmp_timestamp_reply_ttl = <128
10276
icmp_timestamp_reply_ip_id = !0
10277
10278
#Module C
10279
icmp_addrmask_reply = n
10280
icmp_addrmask_reply_ttl = <128
10281
icmp_addrmask_reply_ip_id = !0
10282
10283
#Module D
10284
icmp_info_reply = n
10285
icmp_info_reply_ttl = <128
10286
icmp_info_reply_ip_id = !0
10287
10288
#Module E
10289
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10290
icmp_unreach_reply = y
10291
icmp_unreach_echoed_dtsize = 8
10292
icmp_unreach_reply_ttl = <128
10293
icmp_unreach_precedence_bits = 0
10294
icmp_unreach_df_bit = 0
10295
icmp_unreach_ip_id = !0
10296
10297
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10298
icmp_unreach_echoed_udp_cksum = OK
10299
icmp_unreach_echoed_ip_cksum = OK
10300
icmp_unreach_echoed_ip_id = OK
10301
icmp_unreach_echoed_total_len = OK
10302
icmp_unreach_echoed_3bit_flags = OK
10303
10304
#Module F [TCP SYN | ACK Module]
10305
#IP header of the TCP SYN | ACK
10306
tcp_syn_ack_tos = 0
10307
tcp_syn_ack_df = 1
10308
tcp_syn_ack_ip_id = !0
10309
tcp_syn_ack_ttl = <128
10310
10311
#Information from the TCP header
10312
tcp_syn_ack_ack = 1
10313
tcp_syn_ack_window_size = 17520
10314
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10315
tcp_syn_ack_wscale = 0
10316
tcp_syn_ack_tsval = 0
10317
tcp_syn_ack_tsecr = 0
10318
10319
#Module G [TCP RST|ACK]
10320
tcp_rst_reply = y
10321
tcp_rst_df = 0
10322
tcp_rst_ip_id_1 = !0
10323
tcp_rst_ip_id_2 = !0
10324
tcp_rst_ip_id_strategy = I
10325
tcp_rst_ttl = <128
10326
}
10327
10328
fingerprint {
10329
OS_ID = "Microsoft Windows 2000 Workstation SP1"
10330
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10331
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10332
#Date: 20 July 2002
10333
#Modified: 30 June 2003
10334
10335
#Module A
10336
icmp_echo_reply = y
10337
10338
10339
icmp_echo_code = 0
10340
icmp_echo_ip_id = !0
10341
icmp_echo_tos_bits = 0
10342
icmp_echo_df_bit = 1
10343
icmp_echo_reply_ttl = < 128
10344
10345
#Module B
10346
icmp_timestamp_reply = y
10347
icmp_timestamp_reply_ttl = <128
10348
icmp_timestamp_reply_ip_id = !0
10349
10350
#Module C
10351
icmp_addrmask_reply = n
10352
icmp_addrmask_reply_ttl = <128
10353
icmp_addrmask_reply_ip_id = !0
10354
10355
#Module D
10356
icmp_info_reply = n
10357
icmp_info_reply_ttl = <128
10358
icmp_info_reply_ip_id = !0
10359
10360
#Module E
10361
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10362
icmp_unreach_reply = y
10363
icmp_unreach_echoed_dtsize = 8
10364
icmp_unreach_reply_ttl = <128
10365
icmp_unreach_precedence_bits = 0
10366
icmp_unreach_df_bit = 0
10367
icmp_unreach_ip_id = !0
10368
10369
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10370
icmp_unreach_echoed_udp_cksum = OK
10371
icmp_unreach_echoed_ip_cksum = OK
10372
icmp_unreach_echoed_ip_id = OK
10373
icmp_unreach_echoed_total_len = OK
10374
icmp_unreach_echoed_3bit_flags = OK
10375
10376
#Module F [TCP SYN | ACK Module]
10377
#IP header of the TCP SYN | ACK
10378
tcp_syn_ack_tos = 0
10379
tcp_syn_ack_df = 1
10380
tcp_syn_ack_ip_id = !0
10381
tcp_syn_ack_ttl = <128
10382
10383
#Information from the TCP header
10384
tcp_syn_ack_ack = 1
10385
tcp_syn_ack_window_size = 17520
10386
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10387
tcp_syn_ack_wscale = 0
10388
tcp_syn_ack_tsval = 0
10389
tcp_syn_ack_tsecr = 0
10390
10391
#Module G [TCP RST|ACK]
10392
tcp_rst_reply = y
10393
tcp_rst_df = 0
10394
tcp_rst_ip_id_1 = !0
10395
tcp_rst_ip_id_2 = !0
10396
tcp_rst_ip_id_strategy = I
10397
tcp_rst_ttl = <128
10398
}
10399
10400
fingerprint {
10401
OS_ID = "Microsoft Windows 2000 Workstation"
10402
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10403
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10404
#Date: 20 July 2002
10405
#Modified: 30 June 2003
10406
10407
#Module A
10408
icmp_echo_reply = y
10409
10410
10411
icmp_echo_code = 0
10412
icmp_echo_ip_id = !0
10413
icmp_echo_tos_bits = 0
10414
icmp_echo_df_bit = 1
10415
icmp_echo_reply_ttl = < 128
10416
10417
#Module B
10418
icmp_timestamp_reply = y
10419
icmp_timestamp_reply_ttl = <128
10420
icmp_timestamp_reply_ip_id = !0
10421
10422
#Module C
10423
icmp_addrmask_reply = n
10424
icmp_addrmask_reply_ttl = <128
10425
icmp_addrmask_reply_ip_id = !0
10426
10427
#Module D
10428
icmp_info_reply = n
10429
icmp_info_reply_ttl = <128
10430
icmp_info_reply_ip_id = !0
10431
10432
#Module E
10433
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10434
icmp_unreach_reply = y
10435
icmp_unreach_echoed_dtsize = 8
10436
icmp_unreach_reply_ttl = <128
10437
icmp_unreach_precedence_bits = 0
10438
icmp_unreach_df_bit = 0
10439
icmp_unreach_ip_id = !0
10440
10441
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10442
icmp_unreach_echoed_udp_cksum = OK
10443
icmp_unreach_echoed_ip_cksum = OK
10444
icmp_unreach_echoed_ip_id = OK
10445
icmp_unreach_echoed_total_len = OK
10446
icmp_unreach_echoed_3bit_flags = OK
10447
10448
#Module F [TCP SYN | ACK Module]
10449
#IP header of the TCP SYN | ACK
10450
tcp_syn_ack_tos = 0
10451
tcp_syn_ack_df = 1
10452
tcp_syn_ack_ip_id = !0
10453
tcp_syn_ack_ttl = <128
10454
10455
#Information from the TCP header
10456
tcp_syn_ack_ack = 1
10457
tcp_syn_ack_window_size = 17520
10458
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10459
tcp_syn_ack_wscale = 0
10460
tcp_syn_ack_tsval = 0
10461
tcp_syn_ack_tsecr = 0
10462
10463
#Module G [TCP RST|ACK]
10464
tcp_rst_reply = y
10465
tcp_rst_df = 0
10466
tcp_rst_ip_id_1 = !0
10467
tcp_rst_ip_id_2 = !0
10468
tcp_rst_ip_id_strategy = I
10469
tcp_rst_ttl = <128
10470
}
10471
10472
fingerprint {
10473
OS_ID = "Microsoft Windows Millennium Edition (ME)"
10474
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10475
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10476
#Date: 29 July 2002
10477
#Modified: 05 July 2003
10478
10479
#Module A [ICMP ECHO Probe]
10480
icmp_echo_reply = y
10481
10482
10483
icmp_echo_code = 0
10484
icmp_echo_ip_id = !0
10485
icmp_echo_tos_bits = !0
10486
icmp_echo_df_bit = 1
10487
icmp_echo_reply_ttl = <128
10488
10489
#Module B [ICMP Timestamp Probe]
10490
icmp_timestamp_reply = y
10491
icmp_timestamp_reply_ttl = <128
10492
icmp_timestamp_reply_ip_id = !0
10493
10494
#Module C [ICMP Address Mask Request Probe]
10495
icmp_addrmask_reply = n
10496
icmp_addrmask_reply_ttl = <128
10497
icmp_addrmask_reply_ip_id = !0
10498
10499
#Module D [ICMP Information Request Probe]
10500
icmp_info_reply = n
10501
icmp_info_reply_ttl = <128
10502
icmp_info_reply_ip_id = !0
10503
10504
#Module E [UDP -> ICMP Unreachable probe]
10505
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10506
icmp_unreach_reply = y
10507
icmp_unreach_echoed_dtsize = 8
10508
icmp_unreach_reply_ttl = <128
10509
icmp_unreach_precedence_bits = 0
10510
icmp_unreach_df_bit = 0
10511
icmp_unreach_ip_id = !0
10512
10513
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10514
icmp_unreach_echoed_udp_cksum = OK
10515
icmp_unreach_echoed_ip_cksum = OK
10516
icmp_unreach_echoed_ip_id = OK
10517
icmp_unreach_echoed_total_len = OK
10518
icmp_unreach_echoed_3bit_flags = OK
10519
10520
#Module F [TCP SYN | ACK Module]
10521
#IP header of the TCP SYN ACK
10522
tcp_syn_ack_tos = 0
10523
tcp_syn_ack_df = 1
10524
tcp_syn_ack_ip_id = !0
10525
tcp_syn_ack_ttl = <128
10526
10527
#Information from the TCP header
10528
tcp_syn_ack_ack = 1
10529
tcp_syn_ack_window_size = 17520
10530
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
10531
tcp_syn_ack_wscale = 0
10532
tcp_syn_ack_tsval = 0
10533
tcp_syn_ack_tsecr = 0
10534
10535
#Module G [TCP RST|ACK]
10536
tcp_rst_reply = y
10537
tcp_rst_df = 0
10538
tcp_rst_ip_id_1 = !0
10539
tcp_rst_ip_id_2 = !0
10540
tcp_rst_ip_id_strategy = I
10541
tcp_rst_ttl = <128
10542
}
10543
10544
fingerprint {
10545
OS_ID = "Microsoft Windows NT 4 Server Service Pack 6a"
10546
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10547
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10548
#Date: 30 July 2002
10549
#Modified: 11 July 2003
10550
10551
#Module A
10552
icmp_echo_reply = y
10553
10554
10555
icmp_echo_code = 0
10556
icmp_echo_ip_id = !0
10557
icmp_echo_tos_bits = !0
10558
icmp_echo_df_bit = 1
10559
icmp_echo_reply_ttl = <128
10560
10561
#Module B
10562
icmp_timestamp_reply = n
10563
icmp_timestamp_reply_ttl = <128
10564
icmp_timestamp_reply_ip_id = !0
10565
10566
#Module C
10567
icmp_addrmask_reply = n
10568
icmp_addrmask_reply_ttl = <128
10569
icmp_addrmask_reply_ip_id = !0
10570
10571
#Module D
10572
icmp_info_reply = n
10573
icmp_info_reply_ttl = <128
10574
icmp_info_reply_ip_id = !0
10575
10576
#Module E
10577
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10578
icmp_unreach_reply = y
10579
icmp_unreach_echoed_dtsize = 8
10580
icmp_unreach_reply_ttl = <128
10581
icmp_unreach_precedence_bits = 0
10582
icmp_unreach_df_bit = 0
10583
icmp_unreach_ip_id = !0
10584
10585
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10586
icmp_unreach_echoed_udp_cksum = OK
10587
icmp_unreach_echoed_ip_cksum = OK
10588
icmp_unreach_echoed_ip_id = OK
10589
icmp_unreach_echoed_total_len = OK
10590
icmp_unreach_echoed_3bit_flags = OK
10591
10592
#Module F [TCP SYN | ACK Module]
10593
#IP header of the TCP SYN ACK
10594
tcp_syn_ack_tos = 0
10595
tcp_syn_ack_df = 1
10596
tcp_syn_ack_ip_id = !0
10597
tcp_syn_ack_ttl = <128
10598
10599
#Information from the TCP header
10600
tcp_syn_ack_ack = 1
10601
tcp_syn_ack_window_size = 8760
10602
tcp_syn_ack_options_order = "MSS"
10603
tcp_syn_ack_wscale = NONE
10604
tcp_syn_ack_tsval = NONE
10605
tcp_syn_ack_tsecr = NONE
10606
10607
#Module G [TCP RST|ACK]
10608
tcp_rst_reply = y
10609
tcp_rst_df = 0
10610
tcp_rst_ip_id_1 = !0
10611
tcp_rst_ip_id_2 = !0
10612
tcp_rst_ip_id_strategy = I
10613
tcp_rst_ttl = <128
10614
}
10615
10616
fingerprint {
10617
OS_ID = "Microsoft Windows NT 4 Server Service Pack 5"
10618
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10619
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10620
#Date: 30 July 2002
10621
#Modified: 11 July 2003
10622
10623
#Module A
10624
icmp_echo_reply = y
10625
10626
10627
icmp_echo_code = 0
10628
icmp_echo_ip_id = !0
10629
icmp_echo_tos_bits = !0
10630
icmp_echo_df_bit = 1
10631
icmp_echo_reply_ttl = <128
10632
10633
#Module B
10634
icmp_timestamp_reply = n
10635
icmp_timestamp_reply_ttl = <128
10636
icmp_timestamp_reply_ip_id = !0
10637
10638
#Module C
10639
icmp_addrmask_reply = n
10640
icmp_addrmask_reply_ttl = <128
10641
icmp_addrmask_reply_ip_id = !0
10642
10643
#Module D
10644
icmp_info_reply = n
10645
icmp_info_reply_ttl = <128
10646
icmp_info_reply_ip_id = !0
10647
10648
#Module E
10649
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10650
icmp_unreach_reply = y
10651
icmp_unreach_echoed_dtsize = 8
10652
icmp_unreach_reply_ttl = <128
10653
icmp_unreach_precedence_bits = 0
10654
icmp_unreach_df_bit = 0
10655
icmp_unreach_ip_id = !0
10656
10657
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10658
icmp_unreach_echoed_udp_cksum = OK
10659
icmp_unreach_echoed_ip_cksum = OK
10660
icmp_unreach_echoed_ip_id = OK
10661
icmp_unreach_echoed_total_len = OK
10662
icmp_unreach_echoed_3bit_flags = OK
10663
10664
#Module F [TCP SYN | ACK Module]
10665
#IP header of the TCP SYN ACK
10666
tcp_syn_ack_tos = 0
10667
tcp_syn_ack_df = 1
10668
tcp_syn_ack_ip_id = !0
10669
tcp_syn_ack_ttl = <128
10670
10671
#Information from the TCP header
10672
tcp_syn_ack_ack = 1
10673
tcp_syn_ack_window_size = 8760
10674
tcp_syn_ack_options_order = "MSS"
10675
tcp_syn_ack_wscale = NONE
10676
tcp_syn_ack_tsval = NONE
10677
tcp_syn_ack_tsecr = NONE
10678
10679
#Module G [TCP RST|ACK]
10680
tcp_rst_reply = y
10681
tcp_rst_df = 0
10682
tcp_rst_ip_id_1 = !0
10683
tcp_rst_ip_id_2 = !0
10684
tcp_rst_ip_id_strategy = I
10685
tcp_rst_ttl = <128
10686
}
10687
10688
fingerprint {
10689
OS_ID = "Microsoft Windows NT 4 Server Service Pack 4"
10690
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10691
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10692
#Date: 30 July 2002
10693
#Modified: 11 July 2003
10694
10695
#Module A
10696
icmp_echo_reply = y
10697
10698
10699
icmp_echo_code = 0
10700
icmp_echo_ip_id = !0
10701
icmp_echo_tos_bits = !0
10702
icmp_echo_df_bit = 1
10703
icmp_echo_reply_ttl = <128
10704
10705
#Module B
10706
icmp_timestamp_reply = n
10707
icmp_timestamp_reply_ttl = <128
10708
icmp_timestamp_reply_ip_id = !0
10709
10710
#Module C
10711
icmp_addrmask_reply = n
10712
icmp_addrmask_reply_ttl = <128
10713
icmp_addrmask_reply_ip_id = !0
10714
10715
#Module D
10716
icmp_info_reply = n
10717
icmp_info_reply_ttl = <128
10718
icmp_info_reply_ip_id = !0
10719
10720
#Module E
10721
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10722
icmp_unreach_reply = y
10723
icmp_unreach_echoed_dtsize = 8
10724
icmp_unreach_reply_ttl = <128
10725
icmp_unreach_precedence_bits = 0
10726
icmp_unreach_df_bit = 0
10727
icmp_unreach_ip_id = !0
10728
10729
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10730
icmp_unreach_echoed_udp_cksum = OK
10731
icmp_unreach_echoed_ip_cksum = OK
10732
icmp_unreach_echoed_ip_id = OK
10733
icmp_unreach_echoed_total_len = OK
10734
icmp_unreach_echoed_3bit_flags = OK
10735
10736
#Module F [TCP SYN | ACK Module]
10737
#IP header of the TCP SYN ACK
10738
tcp_syn_ack_tos = 0
10739
tcp_syn_ack_df = 1
10740
tcp_syn_ack_ip_id = !0
10741
tcp_syn_ack_ttl = <128
10742
10743
#Information from the TCP header
10744
tcp_syn_ack_ack = 1
10745
tcp_syn_ack_window_size = 8760
10746
tcp_syn_ack_options_order = "MSS"
10747
tcp_syn_ack_wscale = NONE
10748
tcp_syn_ack_tsval = NONE
10749
tcp_syn_ack_tsecr = NONE
10750
10751
#Module G [TCP RST|ACK]
10752
tcp_rst_reply = y
10753
tcp_rst_df = 0
10754
tcp_rst_ip_id_1 = !0
10755
tcp_rst_ip_id_2 = !0
10756
tcp_rst_ip_id_strategy = I
10757
tcp_rst_ttl = <128
10758
}
10759
10760
fingerprint {
10761
OS_ID = "Microsoft Windows NT 4 Server Service Pack 3"
10762
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10763
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10764
#Date: 30 July 2002
10765
#Modified: 11 July 2003
10766
10767
#Module A
10768
icmp_echo_reply = y
10769
10770
10771
icmp_echo_code = 0
10772
icmp_echo_ip_id = !0
10773
icmp_echo_tos_bits = !0
10774
icmp_echo_df_bit = 1
10775
icmp_echo_reply_ttl = <128
10776
10777
#Module B
10778
icmp_timestamp_reply = n
10779
icmp_timestamp_reply_ttl = <128
10780
icmp_timestamp_reply_ip_id = !0
10781
10782
#Module C
10783
icmp_addrmask_reply = y
10784
icmp_addrmask_reply_ttl = <128
10785
icmp_addrmask_reply_ip_id = !0
10786
10787
#Module D
10788
icmp_info_reply = n
10789
icmp_info_reply_ttl = <128
10790
icmp_info_reply_ip_id = !0
10791
10792
#Module E
10793
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10794
icmp_unreach_reply = y
10795
icmp_unreach_echoed_dtsize = 8
10796
icmp_unreach_reply_ttl = <128
10797
icmp_unreach_precedence_bits = 0
10798
icmp_unreach_df_bit = 0
10799
icmp_unreach_ip_id = !0
10800
10801
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10802
icmp_unreach_echoed_udp_cksum = OK
10803
icmp_unreach_echoed_ip_cksum = OK
10804
icmp_unreach_echoed_ip_id = OK
10805
icmp_unreach_echoed_total_len = OK
10806
icmp_unreach_echoed_3bit_flags = OK
10807
10808
#Module F [TCP SYN | ACK Module]
10809
#IP header of the TCP SYN ACK
10810
tcp_syn_ack_tos = 0
10811
tcp_syn_ack_df = 1
10812
tcp_syn_ack_ip_id = !0
10813
tcp_syn_ack_ttl = <128
10814
10815
#Information from the TCP header
10816
tcp_syn_ack_ack = 1
10817
tcp_syn_ack_window_size = 8760
10818
tcp_syn_ack_options_order = "MSS"
10819
tcp_syn_ack_wscale = NONE
10820
tcp_syn_ack_tsval = NONE
10821
tcp_syn_ack_tsecr = NONE
10822
10823
#Module G [TCP RST|ACK]
10824
tcp_rst_reply = y
10825
tcp_rst_df = 0
10826
tcp_rst_ip_id_1 = !0
10827
tcp_rst_ip_id_2 = !0
10828
tcp_rst_ip_id_strategy = I
10829
tcp_rst_ttl = <128
10830
}
10831
10832
fingerprint {
10833
OS_ID = "Microsoft Windows NT 4 Server Service Pack 2"
10834
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10835
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10836
#Date: 30 July 2002
10837
#Modified: 11 July 2003
10838
10839
#Module A
10840
icmp_echo_reply = y
10841
10842
10843
icmp_echo_code = 0
10844
icmp_echo_ip_id = !0
10845
icmp_echo_tos_bits = !0
10846
icmp_echo_df_bit = 1
10847
icmp_echo_reply_ttl = <128
10848
10849
#Module B
10850
icmp_timestamp_reply = n
10851
icmp_timestamp_reply_ttl = <128
10852
icmp_timestamp_reply_ip_id = !0
10853
10854
#Module C
10855
icmp_addrmask_reply = y
10856
icmp_addrmask_reply_ttl = <128
10857
icmp_addrmask_reply_ip_id = !0
10858
10859
#Module D
10860
icmp_info_reply = n
10861
icmp_info_reply_ttl = <128
10862
icmp_info_reply_ip_id = !0
10863
10864
#Module E
10865
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10866
icmp_unreach_reply = y
10867
icmp_unreach_echoed_dtsize = 8
10868
icmp_unreach_reply_ttl = <128
10869
icmp_unreach_precedence_bits = 0
10870
icmp_unreach_df_bit = 0
10871
icmp_unreach_ip_id = !0
10872
10873
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10874
icmp_unreach_echoed_udp_cksum = OK
10875
icmp_unreach_echoed_ip_cksum = OK
10876
icmp_unreach_echoed_ip_id = OK
10877
icmp_unreach_echoed_total_len = OK
10878
icmp_unreach_echoed_3bit_flags = OK
10879
10880
#Module F [TCP SYN | ACK Module]
10881
#IP header of the TCP SYN ACK
10882
tcp_syn_ack_tos = 0
10883
tcp_syn_ack_df = 1
10884
tcp_syn_ack_ip_id = !0
10885
tcp_syn_ack_ttl = <128
10886
10887
#Information from the TCP header
10888
tcp_syn_ack_ack = 1
10889
tcp_syn_ack_window_size = 8760
10890
tcp_syn_ack_options_order = "MSS"
10891
tcp_syn_ack_wscale = NONE
10892
tcp_syn_ack_tsval = NONE
10893
tcp_syn_ack_tsecr = NONE
10894
10895
#Module G [TCP RST|ACK]
10896
tcp_rst_reply = y
10897
tcp_rst_df = 0
10898
tcp_rst_ip_id_1 = !0
10899
tcp_rst_ip_id_2 = !0
10900
tcp_rst_ip_id_strategy = I
10901
tcp_rst_ttl = <128
10902
}
10903
10904
fingerprint {
10905
OS_ID = "Microsoft Windows NT 4 Server Service Pack 1"
10906
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10907
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10908
#Date: 30 July 2002
10909
#Modified: 11 July 2003
10910
10911
#Module A
10912
icmp_echo_reply = y
10913
10914
10915
icmp_echo_code = 0
10916
icmp_echo_ip_id = !0
10917
icmp_echo_tos_bits = !0
10918
icmp_echo_df_bit = 1
10919
icmp_echo_reply_ttl = <128
10920
10921
#Module B
10922
icmp_timestamp_reply = n
10923
icmp_timestamp_reply_ttl = <128
10924
icmp_timestamp_reply_ip_id = !0
10925
10926
#Module C
10927
icmp_addrmask_reply = y
10928
icmp_addrmask_reply_ttl = <128
10929
icmp_addrmask_reply_ip_id = !0
10930
10931
#Module D
10932
icmp_info_reply = n
10933
icmp_info_reply_ttl = <128
10934
icmp_info_reply_ip_id = !0
10935
10936
#Module E
10937
#IP_Header_of_the_UDP_Port_Unreachable_error_message
10938
icmp_unreach_reply = y
10939
icmp_unreach_echoed_dtsize = 8
10940
icmp_unreach_reply_ttl = <128
10941
icmp_unreach_precedence_bits = 0
10942
icmp_unreach_df_bit = 0
10943
icmp_unreach_ip_id = !0
10944
10945
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
10946
icmp_unreach_echoed_udp_cksum = OK
10947
icmp_unreach_echoed_ip_cksum = OK
10948
icmp_unreach_echoed_ip_id = OK
10949
icmp_unreach_echoed_total_len = OK
10950
icmp_unreach_echoed_3bit_flags = OK
10951
10952
#Module F [TCP SYN | ACK Module]
10953
#IP header of the TCP SYN ACK
10954
tcp_syn_ack_tos = 0
10955
tcp_syn_ack_df = 1
10956
tcp_syn_ack_ip_id = !0
10957
tcp_syn_ack_ttl = <128
10958
10959
#Information from the TCP header
10960
tcp_syn_ack_ack = 1
10961
tcp_syn_ack_window_size = 8760
10962
tcp_syn_ack_options_order = "MSS"
10963
tcp_syn_ack_wscale = NONE
10964
tcp_syn_ack_tsval = NONE
10965
tcp_syn_ack_tsecr = NONE
10966
10967
#Module G [TCP RST|ACK]
10968
tcp_rst_reply = y
10969
tcp_rst_df = 0
10970
tcp_rst_ip_id_1 = !0
10971
tcp_rst_ip_id_2 = !0
10972
tcp_rst_ip_id_strategy = I
10973
tcp_rst_ttl = <128
10974
}
10975
10976
fingerprint {
10977
OS_ID = "Microsoft Windows NT 4 Server"
10978
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
10979
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
10980
#Date: 30 July 2002
10981
#Modified: 11 July 2003
10982
10983
#Module A
10984
icmp_echo_reply = y
10985
10986
10987
icmp_echo_code = 0
10988
icmp_echo_ip_id = !0
10989
icmp_echo_tos_bits = !0
10990
icmp_echo_df_bit = 1
10991
icmp_echo_reply_ttl = <128
10992
10993
#Module B
10994
icmp_timestamp_reply = n
10995
icmp_timestamp_reply_ttl = <128
10996
icmp_timestamp_reply_ip_id = !0
10997
10998
#Module C
10999
icmp_addrmask_reply = y
11000
icmp_addrmask_reply_ttl = <128
11001
icmp_addrmask_reply_ip_id = !0
11002
11003
#Module D
11004
icmp_info_reply = n
11005
icmp_info_reply_ttl = <128
11006
icmp_info_reply_ip_id = !0
11007
11008
#Module E
11009
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11010
icmp_unreach_reply = y
11011
icmp_unreach_echoed_dtsize = 8
11012
icmp_unreach_reply_ttl = <128
11013
icmp_unreach_precedence_bits = 0
11014
icmp_unreach_df_bit = 0
11015
icmp_unreach_ip_id = !0
11016
11017
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11018
icmp_unreach_echoed_udp_cksum = OK
11019
icmp_unreach_echoed_ip_cksum = OK
11020
icmp_unreach_echoed_ip_id = OK
11021
icmp_unreach_echoed_total_len = OK
11022
icmp_unreach_echoed_3bit_flags = OK
11023
11024
#Module F [TCP SYN | ACK Module]
11025
#IP header of the TCP SYN ACK
11026
tcp_syn_ack_tos = 0
11027
tcp_syn_ack_df = 1
11028
tcp_syn_ack_ip_id = !0
11029
tcp_syn_ack_ttl = <128
11030
11031
#Information from the TCP header
11032
tcp_syn_ack_ack = 1
11033
tcp_syn_ack_window_size = 8760
11034
tcp_syn_ack_options_order = "MSS"
11035
tcp_syn_ack_wscale = NONE
11036
tcp_syn_ack_tsval = NONE
11037
tcp_syn_ack_tsecr = NONE
11038
11039
#Module G [TCP RST|ACK]
11040
tcp_rst_reply = y
11041
tcp_rst_df = 0
11042
tcp_rst_ip_id_1 = !0
11043
tcp_rst_ip_id_2 = !0
11044
tcp_rst_ip_id_strategy = I
11045
tcp_rst_ttl = <128
11046
}
11047
11048
fingerprint {
11049
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 6a"
11050
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11051
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11052
#Date: 30 July 2002
11053
#Modified: 05 July 2003
11054
11055
#Module A
11056
icmp_echo_reply = y
11057
11058
11059
icmp_echo_code = 0
11060
icmp_echo_ip_id = !0
11061
icmp_echo_tos_bits = !0
11062
icmp_echo_df_bit = 1
11063
icmp_echo_reply_ttl = <128
11064
11065
#Module B
11066
icmp_timestamp_reply = n
11067
icmp_timestamp_reply_ttl = <128
11068
icmp_timestamp_reply_ip_id = !0
11069
11070
#Module C
11071
icmp_addrmask_reply = n
11072
icmp_addrmask_reply_ttl = <128
11073
icmp_addrmask_reply_ip_id = !0
11074
11075
#Module D
11076
icmp_info_reply = n
11077
icmp_info_reply_ttl = <128
11078
icmp_info_reply_ip_id = !0
11079
11080
#Module E
11081
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11082
icmp_unreach_reply = y
11083
icmp_unreach_echoed_dtsize = 8
11084
icmp_unreach_reply_ttl = <128
11085
icmp_unreach_precedence_bits = 0
11086
icmp_unreach_df_bit = 0
11087
icmp_unreach_ip_id = !0
11088
11089
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11090
icmp_unreach_echoed_udp_cksum = OK
11091
icmp_unreach_echoed_ip_cksum = OK
11092
icmp_unreach_echoed_ip_id = OK
11093
icmp_unreach_echoed_total_len = OK
11094
icmp_unreach_echoed_3bit_flags = OK
11095
11096
#Module F [TCP SYN | ACK Module]
11097
#IP header of the TCP SYN ACK
11098
tcp_syn_ack_tos = 0
11099
tcp_syn_ack_df = 1
11100
tcp_syn_ack_ip_id = !0
11101
tcp_syn_ack_ttl = <128
11102
11103
#Information from the TCP header
11104
tcp_syn_ack_ack = 1
11105
tcp_syn_ack_window_size = 8760
11106
tcp_syn_ack_options_order = "MSS"
11107
tcp_syn_ack_wscale = NONE
11108
tcp_syn_ack_tsval = NONE
11109
tcp_syn_ack_tsecr = NONE
11110
11111
#Module G [TCP RST|ACK]
11112
tcp_rst_reply = y
11113
tcp_rst_df = 0
11114
tcp_rst_ip_id_1 = !0
11115
tcp_rst_ip_id_2 = !0
11116
tcp_rst_ip_id_strategy = I
11117
tcp_rst_ttl = <128
11118
}
11119
11120
fingerprint {
11121
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 5"
11122
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11123
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11124
#Date: 30 July 2002
11125
#Modified: 05 July 2003
11126
11127
#Module A
11128
icmp_echo_reply = y
11129
11130
11131
icmp_echo_code = 0
11132
icmp_echo_ip_id = !0
11133
icmp_echo_tos_bits = !0
11134
icmp_echo_df_bit = 1
11135
icmp_echo_reply_ttl = <128
11136
11137
#Module B
11138
icmp_timestamp_reply = n
11139
icmp_timestamp_reply_ttl = <128
11140
icmp_timestamp_reply_ip_id = !0
11141
11142
#Module C
11143
icmp_addrmask_reply = n
11144
icmp_addrmask_reply_ttl = <128
11145
icmp_addrmask_reply_ip_id = !0
11146
11147
#Module D
11148
icmp_info_reply = n
11149
icmp_info_reply_ttl = <128
11150
icmp_info_reply_ip_id = !0
11151
11152
#Module E
11153
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11154
icmp_unreach_reply = y
11155
icmp_unreach_echoed_dtsize = 8
11156
icmp_unreach_reply_ttl = <128
11157
icmp_unreach_precedence_bits = 0
11158
icmp_unreach_df_bit = 0
11159
icmp_unreach_ip_id = !0
11160
11161
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11162
icmp_unreach_echoed_udp_cksum = OK
11163
icmp_unreach_echoed_ip_cksum = OK
11164
icmp_unreach_echoed_ip_id = OK
11165
icmp_unreach_echoed_total_len = OK
11166
icmp_unreach_echoed_3bit_flags = OK
11167
11168
#Module F [TCP SYN | ACK Module]
11169
#IP header of the TCP SYN ACK
11170
tcp_syn_ack_tos = 0
11171
tcp_syn_ack_df = 1
11172
tcp_syn_ack_ip_id = !0
11173
tcp_syn_ack_ttl = <128
11174
11175
#Information from the TCP header
11176
tcp_syn_ack_ack = 1
11177
tcp_syn_ack_window_size = 8760
11178
tcp_syn_ack_options_order = "MSS"
11179
tcp_syn_ack_wscale = NONE
11180
tcp_syn_ack_tsval = NONE
11181
tcp_syn_ack_tsecr = NONE
11182
11183
#Module G [TCP RST|ACK]
11184
tcp_rst_reply = y
11185
tcp_rst_df = 0
11186
tcp_rst_ip_id_1 = !0
11187
tcp_rst_ip_id_2 = !0
11188
tcp_rst_ip_id_strategy = I
11189
tcp_rst_ttl = <128
11190
}
11191
11192
fingerprint {
11193
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 4"
11194
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11195
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11196
#Date: 30 July 2002
11197
#Modified: 05 July 2003
11198
11199
#Module A
11200
icmp_echo_reply = y
11201
11202
11203
icmp_echo_code = 0
11204
icmp_echo_ip_id = !0
11205
icmp_echo_tos_bits = !0
11206
icmp_echo_df_bit = 1
11207
icmp_echo_reply_ttl = <128
11208
11209
#Module B
11210
icmp_timestamp_reply = n
11211
icmp_timestamp_reply_ttl = <128
11212
icmp_timestamp_reply_ip_id = !0
11213
11214
#Module C
11215
icmp_addrmask_reply = n
11216
icmp_addrmask_reply_ttl = <128
11217
icmp_addrmask_reply_ip_id = !0
11218
11219
#Module D
11220
icmp_info_reply = n
11221
icmp_info_reply_ttl = <128
11222
icmp_info_reply_ip_id = !0
11223
11224
#Module E
11225
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11226
icmp_unreach_reply = y
11227
icmp_unreach_echoed_dtsize = 8
11228
icmp_unreach_reply_ttl = <128
11229
icmp_unreach_precedence_bits = 0
11230
icmp_unreach_df_bit = 0
11231
icmp_unreach_ip_id = !0
11232
11233
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11234
icmp_unreach_echoed_udp_cksum = OK
11235
icmp_unreach_echoed_ip_cksum = OK
11236
icmp_unreach_echoed_ip_id = OK
11237
icmp_unreach_echoed_total_len = OK
11238
icmp_unreach_echoed_3bit_flags = OK
11239
11240
#Module F [TCP SYN | ACK Module]
11241
#IP header of the TCP SYN ACK
11242
tcp_syn_ack_tos = 0
11243
tcp_syn_ack_df = 1
11244
tcp_syn_ack_ip_id = !0
11245
tcp_syn_ack_ttl = <128
11246
11247
#Information from the TCP header
11248
tcp_syn_ack_ack = 1
11249
tcp_syn_ack_window_size = 8760
11250
tcp_syn_ack_options_order = "MSS"
11251
tcp_syn_ack_wscale = NONE
11252
tcp_syn_ack_tsval = NONE
11253
tcp_syn_ack_tsecr = NONE
11254
11255
#Module G [TCP RST|ACK]
11256
tcp_rst_reply = y
11257
tcp_rst_df = 0
11258
tcp_rst_ip_id_1 = !0
11259
tcp_rst_ip_id_2 = !0
11260
tcp_rst_ip_id_strategy = I
11261
tcp_rst_ttl = <128
11262
}
11263
11264
fingerprint {
11265
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 3"
11266
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11267
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11268
#Date: 30 July 2002
11269
#Modified: 05 July 2003
11270
11271
#Module A
11272
icmp_echo_reply = y
11273
11274
11275
icmp_echo_code = 0
11276
icmp_echo_ip_id = !0
11277
icmp_echo_tos_bits = !0
11278
icmp_echo_df_bit = 1
11279
icmp_echo_reply_ttl = <128
11280
11281
#Module B
11282
icmp_timestamp_reply = n
11283
icmp_timestamp_reply_ttl = <128
11284
icmp_timestamp_reply_ip_id = !0
11285
11286
#Module C
11287
icmp_addrmask_reply = y
11288
icmp_addrmask_reply_ttl = <128
11289
icmp_addrmask_reply_ip_id = !0
11290
11291
#Module D
11292
icmp_info_reply = n
11293
icmp_info_reply_ttl = <128
11294
icmp_info_reply_ip_id = !0
11295
11296
#Module E
11297
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11298
icmp_unreach_reply = y
11299
icmp_unreach_echoed_dtsize = 8
11300
icmp_unreach_reply_ttl = <128
11301
icmp_unreach_precedence_bits = 0
11302
icmp_unreach_df_bit = 0
11303
icmp_unreach_ip_id = !0
11304
11305
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11306
icmp_unreach_echoed_udp_cksum = OK
11307
icmp_unreach_echoed_ip_cksum = OK
11308
icmp_unreach_echoed_ip_id = OK
11309
icmp_unreach_echoed_total_len = OK
11310
icmp_unreach_echoed_3bit_flags = OK
11311
11312
#Module F [TCP SYN | ACK Module]
11313
#IP header of the TCP SYN ACK
11314
tcp_syn_ack_tos = 0
11315
tcp_syn_ack_df = 1
11316
tcp_syn_ack_ip_id = !0
11317
tcp_syn_ack_ttl = <128
11318
11319
#Information from the TCP header
11320
tcp_syn_ack_ack = 1
11321
tcp_syn_ack_window_size = 8760
11322
tcp_syn_ack_options_order = "MSS"
11323
tcp_syn_ack_wscale = NONE
11324
tcp_syn_ack_tsval = NONE
11325
tcp_syn_ack_tsecr = NONE
11326
11327
#Module G [TCP RST|ACK]
11328
tcp_rst_reply = y
11329
tcp_rst_df = 0
11330
tcp_rst_ip_id_1 = !0
11331
tcp_rst_ip_id_2 = !0
11332
tcp_rst_ip_id_strategy = I
11333
tcp_rst_ttl = <128
11334
}
11335
11336
fingerprint {
11337
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 2"
11338
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11339
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11340
#Date: 30 July 2002
11341
#Modified: 05 July 2003
11342
11343
#Module A
11344
icmp_echo_reply = y
11345
11346
11347
icmp_echo_code = 0
11348
icmp_echo_ip_id = !0
11349
icmp_echo_tos_bits = !0
11350
icmp_echo_df_bit = 1
11351
icmp_echo_reply_ttl = <128
11352
11353
#Module B
11354
icmp_timestamp_reply = n
11355
icmp_timestamp_reply_ttl = <128
11356
icmp_timestamp_reply_ip_id = !0
11357
11358
#Module C
11359
icmp_addrmask_reply = y
11360
icmp_addrmask_reply_ttl = <128
11361
icmp_addrmask_reply_ip_id = !0
11362
11363
#Module D
11364
icmp_info_reply = n
11365
icmp_info_reply_ttl = <128
11366
icmp_info_reply_ip_id = !0
11367
11368
#Module E
11369
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11370
icmp_unreach_reply = y
11371
icmp_unreach_echoed_dtsize = 8
11372
icmp_unreach_reply_ttl = <128
11373
icmp_unreach_precedence_bits = 0
11374
icmp_unreach_df_bit = 0
11375
icmp_unreach_ip_id = !0
11376
11377
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11378
icmp_unreach_echoed_udp_cksum = OK
11379
icmp_unreach_echoed_ip_cksum = OK
11380
icmp_unreach_echoed_ip_id = OK
11381
icmp_unreach_echoed_total_len = OK
11382
icmp_unreach_echoed_3bit_flags = OK
11383
11384
#Module F [TCP SYN | ACK Module]
11385
#IP header of the TCP SYN ACK
11386
tcp_syn_ack_tos = 0
11387
tcp_syn_ack_df = 1
11388
tcp_syn_ack_ip_id = !0
11389
tcp_syn_ack_ttl = <128
11390
11391
#Information from the TCP header
11392
tcp_syn_ack_ack = 1
11393
tcp_syn_ack_window_size = 8760
11394
tcp_syn_ack_options_order = "MSS"
11395
tcp_syn_ack_wscale = NONE
11396
tcp_syn_ack_tsval = NONE
11397
tcp_syn_ack_tsecr = NONE
11398
11399
#Module G [TCP RST|ACK]
11400
tcp_rst_reply = y
11401
tcp_rst_df = 0
11402
tcp_rst_ip_id_1 = !0
11403
tcp_rst_ip_id_2 = !0
11404
tcp_rst_ip_id_strategy = I
11405
tcp_rst_ttl = <128
11406
}
11407
11408
fingerprint {
11409
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 1"
11410
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11411
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11412
#Date: 30 July 2002
11413
#Modified: 05 July 2003
11414
11415
#Module A
11416
icmp_echo_reply = y
11417
11418
11419
icmp_echo_code = 0
11420
icmp_echo_ip_id = !0
11421
icmp_echo_tos_bits = !0
11422
icmp_echo_df_bit = 1
11423
icmp_echo_reply_ttl = <128
11424
11425
#Module B
11426
icmp_timestamp_reply = n
11427
icmp_timestamp_reply_ttl = <128
11428
icmp_timestamp_reply_ip_id = !0
11429
11430
#Module C
11431
icmp_addrmask_reply = y
11432
icmp_addrmask_reply_ttl = <128
11433
icmp_addrmask_reply_ip_id = !0
11434
11435
#Module D
11436
icmp_info_reply = n
11437
icmp_info_reply_ttl = <128
11438
icmp_info_reply_ip_id = !0
11439
11440
#Module E
11441
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11442
icmp_unreach_reply = y
11443
icmp_unreach_echoed_dtsize = 8
11444
icmp_unreach_reply_ttl = <128
11445
icmp_unreach_precedence_bits = 0
11446
icmp_unreach_df_bit = 0
11447
icmp_unreach_ip_id = !0
11448
11449
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11450
icmp_unreach_echoed_udp_cksum = OK
11451
icmp_unreach_echoed_ip_cksum = OK
11452
icmp_unreach_echoed_ip_id = OK
11453
icmp_unreach_echoed_total_len = OK
11454
icmp_unreach_echoed_3bit_flags = OK
11455
11456
#Module F [TCP SYN | ACK Module]
11457
#IP header of the TCP SYN ACK
11458
tcp_syn_ack_tos = 0
11459
tcp_syn_ack_df = 1
11460
tcp_syn_ack_ip_id = !0
11461
tcp_syn_ack_ttl = <128
11462
11463
#Information from the TCP header
11464
tcp_syn_ack_ack = 1
11465
tcp_syn_ack_window_size = 8760
11466
tcp_syn_ack_options_order = "MSS"
11467
tcp_syn_ack_wscale = NONE
11468
tcp_syn_ack_tsval = NONE
11469
tcp_syn_ack_tsecr = NONE
11470
11471
#Module G [TCP RST|ACK]
11472
tcp_rst_reply = y
11473
tcp_rst_df = 0
11474
tcp_rst_ip_id_1 = !0
11475
tcp_rst_ip_id_2 = !0
11476
tcp_rst_ip_id_strategy = I
11477
tcp_rst_ttl = <128
11478
}
11479
11480
fingerprint {
11481
OS_ID = "Microsoft Windows NT 4 Workstation"
11482
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11483
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11484
#Date: 30 July 2002
11485
#Modified: 05 July 2003
11486
11487
#Module A
11488
icmp_echo_reply = y
11489
11490
11491
icmp_echo_code = 0
11492
icmp_echo_ip_id = !0
11493
icmp_echo_tos_bits = !0
11494
icmp_echo_df_bit = 1
11495
icmp_echo_reply_ttl = <128
11496
11497
#Module B
11498
icmp_timestamp_reply = n
11499
icmp_timestamp_reply_ttl = <128
11500
icmp_timestamp_reply_ip_id = !0
11501
11502
#Module C
11503
icmp_addrmask_reply = y
11504
icmp_addrmask_reply_ttl = <128
11505
icmp_addrmask_reply_ip_id = !0
11506
11507
#Module D
11508
icmp_info_reply = n
11509
icmp_info_reply_ttl = <128
11510
icmp_info_reply_ip_id = !0
11511
11512
#Module E
11513
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11514
icmp_unreach_reply = y
11515
icmp_unreach_echoed_dtsize = 8
11516
icmp_unreach_reply_ttl = <128
11517
icmp_unreach_precedence_bits = 0
11518
icmp_unreach_df_bit = 0
11519
icmp_unreach_ip_id = !0
11520
11521
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11522
icmp_unreach_echoed_udp_cksum = OK
11523
icmp_unreach_echoed_ip_cksum = OK
11524
icmp_unreach_echoed_ip_id = OK
11525
icmp_unreach_echoed_total_len = OK
11526
icmp_unreach_echoed_3bit_flags = OK
11527
11528
#Module F [TCP SYN | ACK Module]
11529
#IP header of the TCP SYN ACK
11530
tcp_syn_ack_tos = 0
11531
tcp_syn_ack_df = 1
11532
tcp_syn_ack_ip_id = !0
11533
tcp_syn_ack_ttl = <128
11534
11535
#Information from the TCP header
11536
tcp_syn_ack_ack = 1
11537
tcp_syn_ack_window_size = 8760
11538
tcp_syn_ack_options_order = "MSS"
11539
tcp_syn_ack_wscale = NONE
11540
tcp_syn_ack_tsval = NONE
11541
tcp_syn_ack_tsecr = NONE
11542
11543
#Module G [TCP RST|ACK]
11544
tcp_rst_reply = y
11545
tcp_rst_df = 0
11546
tcp_rst_ip_id_1 = !0
11547
tcp_rst_ip_id_2 = !0
11548
tcp_rst_ip_id_strategy = I
11549
tcp_rst_ttl = <128
11550
}
11551
11552
fingerprint {
11553
OS_ID = "Microsoft Windows 98 Second Edition (SE)"
11554
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11555
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11556
#Date: 29 July 2002
11557
#Modified: 05 July 2003
11558
11559
#Module A [ICMP ECHO Probe]
11560
icmp_echo_reply = y
11561
11562
11563
icmp_echo_code = 0
11564
icmp_echo_ip_id = !0
11565
icmp_echo_tos_bits = !0
11566
icmp_echo_df_bit = 1
11567
icmp_echo_reply_ttl = <128
11568
11569
#Module B [ICMP Timestamp Probe]
11570
icmp_timestamp_reply = y
11571
icmp_timestamp_reply_ttl = <128
11572
icmp_timestamp_reply_ip_id = !0
11573
11574
#Module C [ICMP Address Mask Request Probe]
11575
icmp_addrmask_reply = y
11576
icmp_addrmask_reply_ttl = <128
11577
icmp_addrmask_reply_ip_id = !0
11578
11579
#Module D [ICMP Information Request Probe]
11580
icmp_info_reply = n
11581
icmp_info_reply_ttl = <128
11582
icmp_info_reply_ip_id = !0
11583
11584
#Module E [UDP -> ICMP Unreachable probe]
11585
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11586
icmp_unreach_reply = y
11587
icmp_unreach_echoed_dtsize = 8
11588
icmp_unreach_reply_ttl = <128
11589
icmp_unreach_precedence_bits = 0
11590
icmp_unreach_df_bit = 0
11591
icmp_unreach_ip_id = !0
11592
11593
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11594
icmp_unreach_echoed_udp_cksum = OK
11595
icmp_unreach_echoed_ip_cksum = OK
11596
icmp_unreach_echoed_ip_id = OK
11597
icmp_unreach_echoed_total_len = OK
11598
icmp_unreach_echoed_3bit_flags = OK
11599
11600
#Module F [TCP SYN | ACK Module]
11601
#IP header of the TCP SYN ACK
11602
tcp_syn_ack_tos = 0
11603
tcp_syn_ack_df = 1
11604
tcp_syn_ack_ip_id = !0
11605
tcp_syn_ack_ttl = <128
11606
11607
#Information from the TCP header
11608
tcp_syn_ack_ack = 1
11609
tcp_syn_ack_window_size = 8760
11610
tcp_syn_ack_options_order = "MSS NOP NOP SACK"
11611
tcp_syn_ack_wscale = NONE
11612
tcp_syn_ack_tsval = NONE
11613
tcp_syn_ack_tsecr = NONE
11614
11615
#Module G [TCP RST|ACK]
11616
tcp_rst_reply = y
11617
tcp_rst_df = 0
11618
tcp_rst_ip_id_1 = !0
11619
tcp_rst_ip_id_2 = !0
11620
tcp_rst_ip_id_strategy = I
11621
tcp_rst_ttl = <128
11622
}
11623
11624
fingerprint {
11625
OS_ID = "Microsoft Windows 98"
11626
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11627
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11628
#Date: 29 July 2002
11629
#Modified: 14 July 2003
11630
11631
#Module A [ICMP ECHO Probe]
11632
icmp_echo_reply = y
11633
11634
11635
icmp_echo_code = 0
11636
icmp_echo_ip_id = !0
11637
icmp_echo_tos_bits = !0
11638
icmp_echo_df_bit = 1
11639
icmp_echo_reply_ttl = <128
11640
11641
#Module B [ICMP Timestamp Probe]
11642
icmp_timestamp_reply = y
11643
icmp_timestamp_reply_ttl = <128
11644
icmp_timestamp_reply_ip_id = !0
11645
11646
#Module C [ICMP Address Mask Request Probe]
11647
icmp_addrmask_reply = y
11648
icmp_addrmask_reply_ttl = <128
11649
icmp_addrmask_reply_ip_id = !0
11650
11651
#Module D [ICMP Information Request Probe]
11652
icmp_info_reply = n
11653
icmp_info_reply_ttl = <128
11654
icmp_info_reply_ip_id = !0
11655
11656
#Module E [UDP -> ICMP Unreachable probe]
11657
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11658
icmp_unreach_reply = y
11659
icmp_unreach_echoed_dtsize = 8
11660
icmp_unreach_reply_ttl = <128
11661
icmp_unreach_precedence_bits = 0
11662
icmp_unreach_df_bit = 0
11663
icmp_unreach_ip_id = !0
11664
11665
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11666
icmp_unreach_echoed_udp_cksum = OK
11667
icmp_unreach_echoed_ip_cksum = OK
11668
icmp_unreach_echoed_ip_id = OK
11669
icmp_unreach_echoed_total_len = OK
11670
icmp_unreach_echoed_3bit_flags = OK
11671
11672
#Module F [TCP SYN | ACK Module]
11673
#IP header of the TCP SYN ACK
11674
tcp_syn_ack_tos = 0
11675
tcp_syn_ack_df = 1
11676
tcp_syn_ack_ip_id = !0
11677
tcp_syn_ack_ttl = <128
11678
11679
#Information from the TCP header
11680
tcp_syn_ack_ack = 1
11681
tcp_syn_ack_window_size = 8760
11682
tcp_syn_ack_options_order = "MSS NOP NOP SACK"
11683
tcp_syn_ack_wscale = NONE
11684
tcp_syn_ack_tsval = NONE
11685
tcp_syn_ack_tsecr = NONE
11686
11687
#Module G [TCP RST|ACK]
11688
tcp_rst_reply = y
11689
tcp_rst_df = 0
11690
tcp_rst_ip_id_1 = !0
11691
tcp_rst_ip_id_2 = !0
11692
tcp_rst_ip_id_strategy = I
11693
tcp_rst_ttl = <128
11694
}
11695
11696
fingerprint {
11697
OS_ID = "Microsoft Windows 95"
11698
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11699
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11700
#Date: 05 July 2003
11701
#Modified: 05 July 2003
11702
11703
#Module A [ICMP ECHO Probe]
11704
icmp_echo_reply = y
11705
11706
11707
icmp_echo_code = 0
11708
icmp_echo_ip_id = !0
11709
icmp_echo_tos_bits = !0
11710
icmp_echo_df_bit = 1
11711
icmp_echo_reply_ttl = <32
11712
11713
#Module B [ICMP Timestamp Probe]
11714
icmp_timestamp_reply = n
11715
icmp_timestamp_reply_ttl = <32
11716
icmp_timestamp_reply_ip_id = !0
11717
11718
#Module C [ICMP Address Mask Request Probe]
11719
icmp_addrmask_reply = y
11720
icmp_addrmask_reply_ttl = <32
11721
icmp_addrmask_reply_ip_id = !0
11722
11723
#Module D [ICMP Information Request Probe]
11724
icmp_info_reply = n
11725
icmp_info_reply_ttl = <32
11726
icmp_info_reply_ip_id = !0
11727
11728
#Module E [UDP -> ICMP Unreachable probe]
11729
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11730
icmp_unreach_reply = y
11731
icmp_unreach_echoed_dtsize = 8
11732
icmp_unreach_reply_ttl = <32
11733
icmp_unreach_precedence_bits = 0
11734
icmp_unreach_df_bit = 0
11735
icmp_unreach_ip_id = !0
11736
11737
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11738
icmp_unreach_echoed_udp_cksum = OK
11739
icmp_unreach_echoed_ip_cksum = OK
11740
icmp_unreach_echoed_ip_id = OK
11741
icmp_unreach_echoed_total_len = OK
11742
icmp_unreach_echoed_3bit_flags = OK
11743
11744
#Module F [TCP SYN | ACK Module]
11745
#IP header of the TCP SYN ACK
11746
tcp_syn_ack_tos = 0
11747
tcp_syn_ack_df = 1
11748
tcp_syn_ack_ip_id = !0
11749
tcp_syn_ack_ttl = <32
11750
11751
#Information from the TCP header
11752
tcp_syn_ack_ack = 1
11753
tcp_syn_ack_window_size = 8760
11754
tcp_syn_ack_options_order = "MSS"
11755
tcp_syn_ack_wscale = NONE
11756
tcp_syn_ack_tsval = NONE
11757
tcp_syn_ack_tsecr = NONE
11758
11759
#Module G [TCP RST|ACK]
11760
tcp_rst_reply = y
11761
tcp_rst_df = 0
11762
tcp_rst_ip_id_1 = !0
11763
tcp_rst_ip_id_2 = !0
11764
tcp_rst_ip_id_strategy = I
11765
tcp_rst_ttl = <32
11766
}
11767
11768
11769
#NetBSD
11770
11771
fingerprint {
11772
OS_ID = "NetBSD 2.0"
11773
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11774
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11775
#Date: 14 December 2004
11776
#Modified: -
11777
11778
#Module A
11779
icmp_echo_reply = y
11780
11781
11782
icmp_echo_code = !0
11783
icmp_echo_ip_id = !0
11784
icmp_echo_tos_bits = !0
11785
icmp_echo_df_bit = 0
11786
icmp_echo_reply_ttl = <255
11787
11788
#Module B
11789
icmp_timestamp_reply = y
11790
icmp_timestamp_reply_ttl = <255
11791
icmp_timestamp_reply_ip_id = !0
11792
11793
#Module C
11794
icmp_addrmask_reply = n
11795
icmp_addrmask_reply_ttl = <255
11796
icmp_addrmask_reply_ip_id = !0
11797
11798
#Module D
11799
icmp_info_reply = n
11800
icmp_info_reply_ttl = <255
11801
icmp_info_reply_ip_id = !0
11802
11803
#Module E
11804
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11805
icmp_unreach_reply = y
11806
icmp_unreach_echoed_dtsize = 8
11807
icmp_unreach_reply_ttl = <255
11808
icmp_unreach_precedence_bits = 0
11809
icmp_unreach_df_bit = 0
11810
icmp_unreach_ip_id = !0
11811
11812
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11813
icmp_unreach_echoed_udp_cksum = OK
11814
icmp_unreach_echoed_ip_cksum = OK
11815
icmp_unreach_echoed_ip_id = OK
11816
icmp_unreach_echoed_total_len = OK
11817
icmp_unreach_echoed_3bit_flags = OK
11818
11819
#Module F [TCP SYN | ACK Module]
11820
#IP header of the TCP SYN ACK
11821
tcp_syn_ack_tos = 0
11822
tcp_syn_ack_df = 1
11823
tcp_syn_ack_ip_id = !0
11824
tcp_syn_ack_ttl = <64
11825
11826
#Information from the TCP header
11827
tcp_syn_ack_ack = 1
11828
tcp_syn_ack_window_size = 32768
11829
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
11830
tcp_syn_ack_wscale = 0
11831
tcp_syn_ack_tsval = 0
11832
tcp_syn_ack_tsecr = !0
11833
11834
#Module G [TCP RST|ACK]
11835
tcp_rst_reply = y
11836
tcp_rst_df = 0
11837
tcp_rst_ip_id_1 = !0
11838
tcp_rst_ip_id_2 = !0
11839
tcp_rst_ip_id_strategy = I
11840
tcp_rst_ttl = <64
11841
}
11842
11843
fingerprint {
11844
OS_ID = "NetBSD 1.6.2"
11845
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11846
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11847
#Date: 14 December 2004
11848
#Modified: -
11849
11850
#Module A
11851
icmp_echo_reply = y
11852
11853
11854
icmp_echo_code = !0
11855
icmp_echo_ip_id = !0
11856
icmp_echo_tos_bits = !0
11857
icmp_echo_df_bit = 0
11858
icmp_echo_reply_ttl = <255
11859
11860
#Module B
11861
icmp_timestamp_reply = y
11862
icmp_timestamp_reply_ttl = <255
11863
icmp_timestamp_reply_ip_id = !0
11864
11865
#Module C
11866
icmp_addrmask_reply = n
11867
icmp_addrmask_reply_ttl = <255
11868
icmp_addrmask_reply_ip_id = !0
11869
11870
#Module D
11871
icmp_info_reply = n
11872
icmp_info_reply_ttl = <255
11873
icmp_info_reply_ip_id = !0
11874
11875
#Module E
11876
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11877
icmp_unreach_reply = y
11878
icmp_unreach_echoed_dtsize = 8
11879
icmp_unreach_reply_ttl = <255
11880
icmp_unreach_precedence_bits = 0
11881
icmp_unreach_df_bit = 0
11882
icmp_unreach_ip_id = !0
11883
11884
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11885
icmp_unreach_echoed_udp_cksum = OK
11886
icmp_unreach_echoed_ip_cksum = OK
11887
icmp_unreach_echoed_ip_id = OK
11888
icmp_unreach_echoed_total_len = OK
11889
icmp_unreach_echoed_3bit_flags = OK
11890
11891
#Module F [TCP SYN | ACK Module]
11892
#IP header of the TCP SYN ACK
11893
tcp_syn_ack_tos = 0
11894
tcp_syn_ack_df = 0
11895
tcp_syn_ack_ip_id = !0
11896
tcp_syn_ack_ttl = <64
11897
11898
#Information from the TCP header
11899
tcp_syn_ack_ack = 1
11900
tcp_syn_ack_window_size = 16384
11901
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
11902
tcp_syn_ack_wscale = 0
11903
tcp_syn_ack_tsval = 0
11904
tcp_syn_ack_tsecr = !0
11905
11906
#Module G [TCP RST|ACK]
11907
tcp_rst_reply = y
11908
tcp_rst_df = 0
11909
tcp_rst_ip_id_1 = !0
11910
tcp_rst_ip_id_2 = !0
11911
tcp_rst_ip_id_strategy = I
11912
tcp_rst_ttl = <64
11913
}
11914
11915
fingerprint {
11916
OS_ID = "NetBSD 1.6.1"
11917
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11918
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11919
#Date: 11 August 2002
11920
#Modified: 06 July 2003
11921
11922
#Module A
11923
icmp_echo_reply = y
11924
11925
11926
icmp_echo_code = !0
11927
icmp_echo_ip_id = !0
11928
icmp_echo_tos_bits = !0
11929
icmp_echo_df_bit = 0
11930
icmp_echo_reply_ttl = <255
11931
11932
#Module B
11933
icmp_timestamp_reply = y
11934
icmp_timestamp_reply_ttl = <255
11935
icmp_timestamp_reply_ip_id = !0
11936
11937
#Module C
11938
icmp_addrmask_reply = n
11939
icmp_addrmask_reply_ttl = <255
11940
icmp_addrmask_reply_ip_id = !0
11941
11942
#Module D
11943
icmp_info_reply = n
11944
icmp_info_reply_ttl = <255
11945
icmp_info_reply_ip_id = !0
11946
11947
#Module E
11948
#IP_Header_of_the_UDP_Port_Unreachable_error_message
11949
icmp_unreach_reply = y
11950
icmp_unreach_echoed_dtsize = 8
11951
icmp_unreach_reply_ttl = <255
11952
icmp_unreach_precedence_bits = 0
11953
icmp_unreach_df_bit = 0
11954
icmp_unreach_ip_id = !0
11955
11956
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
11957
icmp_unreach_echoed_udp_cksum = OK
11958
icmp_unreach_echoed_ip_cksum = OK
11959
icmp_unreach_echoed_ip_id = OK
11960
icmp_unreach_echoed_total_len = OK
11961
icmp_unreach_echoed_3bit_flags = OK
11962
11963
#Module F [TCP SYN | ACK Module]
11964
#IP header of the TCP SYN ACK
11965
tcp_syn_ack_tos = 0
11966
tcp_syn_ack_df = 0
11967
tcp_syn_ack_ip_id = !0
11968
tcp_syn_ack_ttl = <64
11969
11970
#Information from the TCP header
11971
tcp_syn_ack_ack = 1
11972
tcp_syn_ack_window_size = 16384
11973
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
11974
tcp_syn_ack_wscale = 0
11975
tcp_syn_ack_tsval = 0
11976
tcp_syn_ack_tsecr = !0
11977
11978
#Module G [TCP RST|ACK]
11979
tcp_rst_reply = y
11980
tcp_rst_df = 0
11981
tcp_rst_ip_id_1 = !0
11982
tcp_rst_ip_id_2 = !0
11983
tcp_rst_ip_id_strategy = I
11984
tcp_rst_ttl = <64
11985
}
11986
11987
11988
fingerprint {
11989
OS_ID = "NetBSD 1.6"
11990
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
11991
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
11992
#Date: 11 August 2002
11993
#Modified: 06 July 2003
11994
11995
#Module A
11996
icmp_echo_reply = y
11997
11998
11999
icmp_echo_code = !0
12000
icmp_echo_ip_id = !0
12001
icmp_echo_tos_bits = !0
12002
icmp_echo_df_bit = 0
12003
icmp_echo_reply_ttl = <255
12004
12005
#Module B
12006
icmp_timestamp_reply = y
12007
icmp_timestamp_reply_ttl = <255
12008
icmp_timestamp_reply_ip_id = !0
12009
12010
#Module C
12011
icmp_addrmask_reply = n
12012
icmp_addrmask_reply_ttl = <255
12013
icmp_addrmask_reply_ip_id = !0
12014
12015
#Module D
12016
icmp_info_reply = n
12017
icmp_info_reply_ttl = <255
12018
icmp_info_reply_ip_id = !0
12019
12020
#Module E
12021
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12022
icmp_unreach_reply = y
12023
icmp_unreach_echoed_dtsize = 8
12024
icmp_unreach_reply_ttl = <255
12025
icmp_unreach_precedence_bits = 0
12026
icmp_unreach_df_bit = 0
12027
icmp_unreach_ip_id = !0
12028
12029
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12030
icmp_unreach_echoed_udp_cksum = OK
12031
icmp_unreach_echoed_ip_cksum = OK
12032
icmp_unreach_echoed_ip_id = OK
12033
icmp_unreach_echoed_total_len = OK
12034
icmp_unreach_echoed_3bit_flags = OK
12035
12036
#Module F [TCP SYN | ACK Module]
12037
#IP header of the TCP SYN ACK
12038
tcp_syn_ack_tos = 0
12039
tcp_syn_ack_df = 0
12040
tcp_syn_ack_ip_id = !0
12041
tcp_syn_ack_ttl = <64
12042
12043
#Information from the TCP header
12044
tcp_syn_ack_ack = 1
12045
tcp_syn_ack_window_size = 16384
12046
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12047
tcp_syn_ack_wscale = 0
12048
tcp_syn_ack_tsval = 0
12049
tcp_syn_ack_tsecr = !0
12050
12051
#Module G [TCP RST|ACK]
12052
tcp_rst_reply = y
12053
tcp_rst_df = 0
12054
tcp_rst_ip_id_1 = !0
12055
tcp_rst_ip_id_2 = !0
12056
tcp_rst_ip_id_strategy = I
12057
tcp_rst_ttl = <64
12058
}
12059
12060
12061
fingerprint {
12062
OS_ID = "NetBSD 1.5.3"
12063
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12064
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12065
#Date: 11 August 2002
12066
#Modified: 06 July 2003
12067
12068
#Module A
12069
icmp_echo_reply = y
12070
12071
12072
icmp_echo_code = !0
12073
icmp_echo_ip_id = !0
12074
icmp_echo_tos_bits = !0
12075
icmp_echo_df_bit = 1
12076
icmp_echo_reply_ttl = <255
12077
12078
#Module B
12079
icmp_timestamp_reply = y
12080
icmp_timestamp_reply_ttl = <255
12081
icmp_timestamp_reply_ip_id = !0
12082
12083
#Module C
12084
icmp_addrmask_reply = n
12085
icmp_addrmask_reply_ttl = <255
12086
icmp_addrmask_reply_ip_id = !0
12087
12088
#Module D
12089
icmp_info_reply = n
12090
icmp_info_reply_ttl = <255
12091
icmp_info_reply_ip_id = !0
12092
12093
#Module E
12094
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12095
icmp_unreach_reply = y
12096
icmp_unreach_echoed_dtsize = 8
12097
icmp_unreach_reply_ttl = <255
12098
icmp_unreach_precedence_bits = 0
12099
icmp_unreach_df_bit = 0
12100
icmp_unreach_ip_id = !0
12101
12102
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12103
icmp_unreach_echoed_udp_cksum = OK
12104
icmp_unreach_echoed_ip_cksum = OK
12105
icmp_unreach_echoed_ip_id = OK
12106
icmp_unreach_echoed_total_len = OK
12107
icmp_unreach_echoed_3bit_flags = OK
12108
12109
#Module F [TCP SYN | ACK Module]
12110
#IP header of the TCP SYN ACK
12111
tcp_syn_ack_tos = 0
12112
tcp_syn_ack_df = 0
12113
tcp_syn_ack_ip_id = !0
12114
tcp_syn_ack_ttl = <64
12115
12116
#Information from the TCP header
12117
tcp_syn_ack_ack = 1
12118
tcp_syn_ack_window_size = 16384
12119
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12120
tcp_syn_ack_wscale = 0
12121
tcp_syn_ack_tsval = !0
12122
tcp_syn_ack_tsecr = !0
12123
12124
#Module G [TCP RST|ACK]
12125
tcp_rst_reply = y
12126
tcp_rst_df = 0
12127
tcp_rst_ip_id_1 = !0
12128
tcp_rst_ip_id_2 = !0
12129
tcp_rst_ip_id_strategy = I
12130
tcp_rst_ttl = <64
12131
}
12132
12133
12134
fingerprint {
12135
OS_ID = "NetBSD 1.5.2"
12136
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12137
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12138
#Date: 11 August 2002
12139
#Modified: 06 July 2003
12140
12141
#Module A
12142
icmp_echo_reply = y
12143
12144
12145
icmp_echo_code = !0
12146
icmp_echo_ip_id = !0
12147
icmp_echo_tos_bits = !0
12148
icmp_echo_df_bit = 1
12149
icmp_echo_reply_ttl = <255
12150
12151
#Module B
12152
icmp_timestamp_reply = y
12153
icmp_timestamp_reply_ttl = <255
12154
icmp_timestamp_reply_ip_id = !0
12155
12156
#Module C
12157
icmp_addrmask_reply = n
12158
icmp_addrmask_reply_ttl = <255
12159
icmp_addrmask_reply_ip_id = !0
12160
12161
#Module D
12162
icmp_info_reply = n
12163
icmp_info_reply_ttl = <255
12164
icmp_info_reply_ip_id = !0
12165
12166
#Module E
12167
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12168
icmp_unreach_reply = y
12169
icmp_unreach_echoed_dtsize = 8
12170
icmp_unreach_reply_ttl = <255
12171
icmp_unreach_precedence_bits = 0
12172
icmp_unreach_df_bit = 0
12173
icmp_unreach_ip_id = !0
12174
12175
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12176
icmp_unreach_echoed_udp_cksum = OK
12177
icmp_unreach_echoed_ip_cksum = OK
12178
icmp_unreach_echoed_ip_id = OK
12179
icmp_unreach_echoed_total_len = OK
12180
icmp_unreach_echoed_3bit_flags = OK
12181
12182
#Module F [TCP SYN | ACK Module]
12183
#IP header of the TCP SYN ACK
12184
tcp_syn_ack_tos = 0
12185
tcp_syn_ack_df = 0
12186
tcp_syn_ack_ip_id = !0
12187
tcp_syn_ack_ttl = <64
12188
12189
#Information from the TCP header
12190
tcp_syn_ack_ack = 1
12191
tcp_syn_ack_window_size = 16384
12192
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12193
tcp_syn_ack_wscale = 0
12194
tcp_syn_ack_tsval = !0
12195
tcp_syn_ack_tsecr = !0
12196
12197
#Module G [TCP RST|ACK]
12198
tcp_rst_reply = y
12199
tcp_rst_df = 0
12200
tcp_rst_ip_id_1 = !0
12201
tcp_rst_ip_id_2 = !0
12202
tcp_rst_ip_id_strategy = I
12203
tcp_rst_ttl = <64
12204
}
12205
12206
12207
fingerprint {
12208
OS_ID = "NetBSD 1.5.1"
12209
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12210
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12211
#Date: 11 August 2002
12212
#Modified: 06 July 2003
12213
12214
#Module A
12215
icmp_echo_reply = y
12216
12217
12218
icmp_echo_code = !0
12219
icmp_echo_ip_id = !0
12220
icmp_echo_tos_bits = !0
12221
icmp_echo_df_bit = 1
12222
icmp_echo_reply_ttl = <255
12223
12224
#Module B
12225
icmp_timestamp_reply = y
12226
icmp_timestamp_reply_ttl = <255
12227
icmp_timestamp_reply_ip_id = !0
12228
12229
#Module C
12230
icmp_addrmask_reply = n
12231
icmp_addrmask_reply_ttl = <255
12232
icmp_addrmask_reply_ip_id = !0
12233
12234
#Module D
12235
icmp_info_reply = n
12236
icmp_info_reply_ttl = <255
12237
icmp_info_reply_ip_id = !0
12238
12239
#Module E
12240
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12241
icmp_unreach_reply = y
12242
icmp_unreach_echoed_dtsize = 8
12243
icmp_unreach_reply_ttl = <255
12244
icmp_unreach_precedence_bits = 0
12245
icmp_unreach_df_bit = 0
12246
icmp_unreach_ip_id = !0
12247
12248
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12249
icmp_unreach_echoed_udp_cksum = OK
12250
icmp_unreach_echoed_ip_cksum = OK
12251
icmp_unreach_echoed_ip_id = OK
12252
icmp_unreach_echoed_total_len = OK
12253
icmp_unreach_echoed_3bit_flags = OK
12254
12255
#Module F [TCP SYN | ACK Module]
12256
#IP header of the TCP SYN ACK
12257
tcp_syn_ack_tos = 0
12258
tcp_syn_ack_df = 0
12259
tcp_syn_ack_ip_id = !0
12260
tcp_syn_ack_ttl = <64
12261
12262
#Information from the TCP header
12263
tcp_syn_ack_ack = 1
12264
tcp_syn_ack_window_size = 16384
12265
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12266
tcp_syn_ack_wscale = 0
12267
tcp_syn_ack_tsval = !0
12268
tcp_syn_ack_tsecr = !0
12269
12270
#Module G [TCP RST|ACK]
12271
tcp_rst_reply = y
12272
tcp_rst_df = 0
12273
tcp_rst_ip_id_1 = !0
12274
tcp_rst_ip_id_2 = !0
12275
tcp_rst_ip_id_strategy = I
12276
tcp_rst_ttl = <64
12277
}
12278
12279
12280
fingerprint {
12281
OS_ID = "NetBSD 1.5"
12282
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12283
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12284
#Date: 11 August 2002
12285
#Modified: 06 July 2003
12286
12287
#Module A
12288
icmp_echo_reply = y
12289
12290
12291
icmp_echo_code = !0
12292
icmp_echo_ip_id = !0
12293
icmp_echo_tos_bits = !0
12294
icmp_echo_df_bit = 1
12295
icmp_echo_reply_ttl = <255
12296
12297
#Module B
12298
icmp_timestamp_reply = y
12299
icmp_timestamp_reply_ttl = <255
12300
icmp_timestamp_reply_ip_id = !0
12301
12302
#Module C
12303
icmp_addrmask_reply = n
12304
icmp_addrmask_reply_ttl = <255
12305
icmp_addrmask_reply_ip_id = !0
12306
12307
#Module D
12308
icmp_info_reply = n
12309
icmp_info_reply_ttl = <255
12310
icmp_info_reply_ip_id = !0
12311
12312
#Module E
12313
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12314
icmp_unreach_reply = y
12315
icmp_unreach_echoed_dtsize = 8
12316
icmp_unreach_reply_ttl = <255
12317
icmp_unreach_precedence_bits = 0
12318
icmp_unreach_df_bit = 0
12319
icmp_unreach_ip_id = !0
12320
12321
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12322
icmp_unreach_echoed_udp_cksum = OK
12323
icmp_unreach_echoed_ip_cksum = OK
12324
icmp_unreach_echoed_ip_id = OK
12325
icmp_unreach_echoed_total_len = OK
12326
icmp_unreach_echoed_3bit_flags = OK
12327
12328
#Module F [TCP SYN | ACK Module]
12329
#IP header of the TCP SYN ACK
12330
tcp_syn_ack_tos = 0
12331
tcp_syn_ack_df = 0
12332
tcp_syn_ack_ip_id = !0
12333
tcp_syn_ack_ttl = <64
12334
12335
#Information from the TCP header
12336
tcp_syn_ack_ack = 1
12337
tcp_syn_ack_window_size = 16384
12338
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12339
tcp_syn_ack_wscale = 0
12340
tcp_syn_ack_tsval = !0
12341
tcp_syn_ack_tsecr = !0
12342
12343
#Module G [TCP RST|ACK]
12344
tcp_rst_reply = y
12345
tcp_rst_df = 0
12346
tcp_rst_ip_id_1 = !0
12347
tcp_rst_ip_id_2 = !0
12348
tcp_rst_ip_id_strategy = I
12349
tcp_rst_ttl = <64
12350
}
12351
12352
12353
fingerprint {
12354
OS_ID = "NetBSD 1.4.3"
12355
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12356
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12357
#Date: 11 July 2003
12358
#Modified: 11 July 2003
12359
12360
#Module A
12361
icmp_echo_reply = y
12362
12363
12364
icmp_echo_code = !0
12365
icmp_echo_ip_id = !0
12366
icmp_echo_tos_bits = !0
12367
icmp_echo_df_bit = 1
12368
icmp_echo_reply_ttl = <255
12369
12370
#Module B
12371
icmp_timestamp_reply = y
12372
icmp_timestamp_reply_ttl = <255
12373
icmp_timestamp_reply_ip_id = !0
12374
12375
#Module C
12376
icmp_addrmask_reply = n
12377
icmp_addrmask_reply_ttl = <255
12378
icmp_addrmask_reply_ip_id = !0
12379
12380
#Module D
12381
icmp_info_reply = n
12382
icmp_info_reply_ttl = <255
12383
icmp_info_reply_ip_id = !0
12384
12385
#Module E
12386
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12387
icmp_unreach_reply = y
12388
icmp_unreach_echoed_dtsize = 8
12389
icmp_unreach_reply_ttl = <255
12390
icmp_unreach_precedence_bits = 0
12391
icmp_unreach_df_bit = 0
12392
icmp_unreach_ip_id = !0
12393
12394
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12395
icmp_unreach_echoed_udp_cksum = OK
12396
icmp_unreach_echoed_ip_cksum = OK
12397
icmp_unreach_echoed_ip_id = OK
12398
icmp_unreach_echoed_total_len = OK
12399
icmp_unreach_echoed_3bit_flags = OK
12400
12401
#Module F [TCP SYN | ACK Module]
12402
#IP header of the TCP SYN ACK
12403
tcp_syn_ack_tos = 0
12404
tcp_syn_ack_df = 0
12405
tcp_syn_ack_ip_id = !0
12406
tcp_syn_ack_ttl = <64
12407
12408
#Information from the TCP header
12409
tcp_syn_ack_ack = 1
12410
tcp_syn_ack_window_size = 16384
12411
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12412
tcp_syn_ack_wscale = 0
12413
tcp_syn_ack_tsval = !0
12414
tcp_syn_ack_tsecr = !0
12415
12416
#Module G [TCP RST|ACK]
12417
tcp_rst_reply = y
12418
tcp_rst_df = 0
12419
tcp_rst_ip_id_1 = !0
12420
tcp_rst_ip_id_2 = !0
12421
tcp_rst_ip_id_strategy = I
12422
tcp_rst_ttl = <64
12423
}
12424
12425
12426
fingerprint {
12427
OS_ID = "NetBSD 1.4.2"
12428
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12429
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12430
#Date: 11 July 2003
12431
#Modified: 11 July 2003
12432
12433
#Module A
12434
icmp_echo_reply = y
12435
12436
12437
icmp_echo_code = !0
12438
icmp_echo_ip_id = !0
12439
icmp_echo_tos_bits = !0
12440
icmp_echo_df_bit = 1
12441
icmp_echo_reply_ttl = <255
12442
12443
#Module B
12444
icmp_timestamp_reply = y
12445
icmp_timestamp_reply_ttl = <255
12446
icmp_timestamp_reply_ip_id = !0
12447
12448
#Module C
12449
icmp_addrmask_reply = n
12450
icmp_addrmask_reply_ttl = <255
12451
icmp_addrmask_reply_ip_id = !0
12452
12453
#Module D
12454
icmp_info_reply = n
12455
icmp_info_reply_ttl = <255
12456
icmp_info_reply_ip_id = !0
12457
12458
#Module E
12459
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12460
icmp_unreach_reply = y
12461
icmp_unreach_echoed_dtsize = 8
12462
icmp_unreach_reply_ttl = <255
12463
icmp_unreach_precedence_bits = 0
12464
icmp_unreach_df_bit = 0
12465
icmp_unreach_ip_id = !0
12466
12467
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12468
icmp_unreach_echoed_udp_cksum = OK
12469
icmp_unreach_echoed_ip_cksum = OK
12470
icmp_unreach_echoed_ip_id = OK
12471
icmp_unreach_echoed_total_len = OK
12472
icmp_unreach_echoed_3bit_flags = OK
12473
12474
#Module F [TCP SYN | ACK Module]
12475
#IP header of the TCP SYN ACK
12476
tcp_syn_ack_tos = 0
12477
tcp_syn_ack_df = 0
12478
tcp_syn_ack_ip_id = !0
12479
tcp_syn_ack_ttl = <64
12480
12481
#Information from the TCP header
12482
tcp_syn_ack_ack = 1
12483
tcp_syn_ack_window_size = 16384
12484
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12485
tcp_syn_ack_wscale = 0
12486
tcp_syn_ack_tsval = !0
12487
tcp_syn_ack_tsecr = !0
12488
12489
#Module G [TCP RST|ACK]
12490
tcp_rst_reply = y
12491
tcp_rst_df = 0
12492
tcp_rst_ip_id_1 = !0
12493
tcp_rst_ip_id_2 = !0
12494
tcp_rst_ip_id_strategy = I
12495
tcp_rst_ttl = <64
12496
}
12497
12498
12499
fingerprint {
12500
OS_ID = "NetBSD 1.4.1"
12501
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12502
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12503
#Date: 11 July 2003
12504
#Modified: 11 July 2003
12505
12506
#Module A
12507
icmp_echo_reply = y
12508
12509
12510
icmp_echo_code = !0
12511
icmp_echo_ip_id = !0
12512
icmp_echo_tos_bits = !0
12513
icmp_echo_df_bit = 1
12514
icmp_echo_reply_ttl = <255
12515
12516
#Module B
12517
icmp_timestamp_reply = y
12518
icmp_timestamp_reply_ttl = <255
12519
icmp_timestamp_reply_ip_id = !0
12520
12521
#Module C
12522
icmp_addrmask_reply = n
12523
icmp_addrmask_reply_ttl = <255
12524
icmp_addrmask_reply_ip_id = !0
12525
12526
#Module D
12527
icmp_info_reply = n
12528
icmp_info_reply_ttl = <255
12529
icmp_info_reply_ip_id = !0
12530
12531
#Module E
12532
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12533
icmp_unreach_reply = y
12534
icmp_unreach_echoed_dtsize = 8
12535
icmp_unreach_reply_ttl = <255
12536
icmp_unreach_precedence_bits = 0
12537
icmp_unreach_df_bit = 0
12538
icmp_unreach_ip_id = !0
12539
12540
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12541
icmp_unreach_echoed_udp_cksum = OK
12542
icmp_unreach_echoed_ip_cksum = OK
12543
icmp_unreach_echoed_ip_id = OK
12544
icmp_unreach_echoed_total_len = OK
12545
icmp_unreach_echoed_3bit_flags = OK
12546
12547
#Module F [TCP SYN | ACK Module]
12548
#IP header of the TCP SYN ACK
12549
tcp_syn_ack_tos = 0
12550
tcp_syn_ack_df = 0
12551
tcp_syn_ack_ip_id = !0
12552
tcp_syn_ack_ttl = <64
12553
12554
#Information from the TCP header
12555
tcp_syn_ack_ack = 1
12556
tcp_syn_ack_window_size = 16384
12557
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12558
tcp_syn_ack_wscale = 0
12559
tcp_syn_ack_tsval = !0
12560
tcp_syn_ack_tsecr = !0
12561
12562
#Module G [TCP RST|ACK]
12563
tcp_rst_reply = y
12564
tcp_rst_df = 0
12565
tcp_rst_ip_id_1 = !0
12566
tcp_rst_ip_id_2 = !0
12567
tcp_rst_ip_id_strategy = I
12568
tcp_rst_ttl = <64
12569
}
12570
12571
12572
fingerprint {
12573
OS_ID = "NetBSD 1.4"
12574
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12575
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12576
#Date: 11 July 2003
12577
#Modified: 11 July 2003
12578
12579
#Module A
12580
icmp_echo_reply = y
12581
12582
12583
icmp_echo_code = !0
12584
icmp_echo_ip_id = !0
12585
icmp_echo_tos_bits = !0
12586
icmp_echo_df_bit = 1
12587
icmp_echo_reply_ttl = <255
12588
12589
#Module B
12590
icmp_timestamp_reply = y
12591
icmp_timestamp_reply_ttl = <255
12592
icmp_timestamp_reply_ip_id = !0
12593
12594
#Module C
12595
icmp_addrmask_reply = n
12596
icmp_addrmask_reply_ttl = <255
12597
icmp_addrmask_reply_ip_id = !0
12598
12599
#Module D
12600
icmp_info_reply = n
12601
icmp_info_reply_ttl = <255
12602
icmp_info_reply_ip_id = !0
12603
12604
#Module E
12605
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12606
icmp_unreach_reply = y
12607
icmp_unreach_echoed_dtsize = 8
12608
icmp_unreach_reply_ttl = <255
12609
icmp_unreach_precedence_bits = 0
12610
icmp_unreach_df_bit = 0
12611
icmp_unreach_ip_id = !0
12612
12613
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12614
icmp_unreach_echoed_udp_cksum = OK
12615
icmp_unreach_echoed_ip_cksum = OK
12616
icmp_unreach_echoed_ip_id = OK
12617
icmp_unreach_echoed_total_len = OK
12618
icmp_unreach_echoed_3bit_flags = OK
12619
12620
#Module F [TCP SYN | ACK Module]
12621
#IP header of the TCP SYN ACK
12622
tcp_syn_ack_tos = 0
12623
tcp_syn_ack_df = 0
12624
tcp_syn_ack_ip_id = !0
12625
tcp_syn_ack_ttl = <64
12626
12627
#Information from the TCP header
12628
tcp_syn_ack_ack = 1
12629
tcp_syn_ack_window_size = 16384
12630
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12631
tcp_syn_ack_wscale = 0
12632
tcp_syn_ack_tsval = !0
12633
tcp_syn_ack_tsecr = !0
12634
12635
#Module G [TCP RST|ACK]
12636
tcp_rst_reply = y
12637
tcp_rst_df = 0
12638
tcp_rst_ip_id_1 = !0
12639
tcp_rst_ip_id_2 = !0
12640
tcp_rst_ip_id_strategy = I
12641
tcp_rst_ttl = <64
12642
}
12643
12644
12645
fingerprint {
12646
OS_ID = "NetBSD 1.3.3"
12647
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12648
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12649
#Date: 11 July 2003
12650
#Modified: 11 July 2003
12651
12652
#Module A
12653
icmp_echo_reply = y
12654
12655
12656
icmp_echo_code = !0
12657
icmp_echo_ip_id = !0
12658
icmp_echo_tos_bits = !0
12659
icmp_echo_df_bit = 1
12660
icmp_echo_reply_ttl = <255
12661
12662
#Module B
12663
icmp_timestamp_reply = y
12664
icmp_timestamp_reply_ttl = <255
12665
icmp_timestamp_reply_ip_id = !0
12666
12667
#Module C
12668
icmp_addrmask_reply = n
12669
icmp_addrmask_reply_ttl = <255
12670
icmp_addrmask_reply_ip_id = !0
12671
12672
#Module D
12673
icmp_info_reply = n
12674
icmp_info_reply_ttl = <255
12675
icmp_info_reply_ip_id = !0
12676
12677
#Module E
12678
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12679
icmp_unreach_reply = y
12680
icmp_unreach_echoed_dtsize = 8
12681
icmp_unreach_reply_ttl = <255
12682
icmp_unreach_precedence_bits = 0
12683
icmp_unreach_df_bit = 1
12684
icmp_unreach_ip_id = !0
12685
12686
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12687
icmp_unreach_echoed_udp_cksum = 0
12688
icmp_unreach_echoed_ip_cksum = 0
12689
icmp_unreach_echoed_ip_id = FLIPPED
12690
icmp_unreach_echoed_total_len = OK
12691
icmp_unreach_echoed_3bit_flags = FLIPPED
12692
12693
#Module F [TCP SYN | ACK Module]
12694
#IP header of the TCP SYN ACK
12695
tcp_syn_ack_tos = 0
12696
tcp_syn_ack_df = 0
12697
tcp_syn_ack_ip_id = !0
12698
tcp_syn_ack_ttl = <64
12699
12700
#Information from the TCP header
12701
tcp_syn_ack_ack = 1
12702
tcp_syn_ack_window_size = 16384
12703
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12704
tcp_syn_ack_wscale = 0
12705
tcp_syn_ack_tsval = !0
12706
tcp_syn_ack_tsecr = !0
12707
12708
#Module G [TCP RST|ACK]
12709
tcp_rst_reply = y
12710
tcp_rst_df = 0
12711
tcp_rst_ip_id_1 = !0
12712
tcp_rst_ip_id_2 = !0
12713
tcp_rst_ip_id_strategy = I
12714
tcp_rst_ttl = <64
12715
}
12716
12717
12718
fingerprint {
12719
OS_ID = "NetBSD 1.3.2"
12720
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12721
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12722
#Date: 12 July 2003
12723
#Modified: 12 July 2003
12724
12725
#Module A
12726
icmp_echo_reply = y
12727
12728
12729
icmp_echo_code = !0
12730
icmp_echo_ip_id = !0
12731
icmp_echo_tos_bits = !0
12732
icmp_echo_df_bit = 1
12733
icmp_echo_reply_ttl = <255
12734
12735
#Module B
12736
icmp_timestamp_reply = y
12737
icmp_timestamp_reply_ttl = <255
12738
icmp_timestamp_reply_ip_id = !0
12739
12740
#Module C
12741
icmp_addrmask_reply = n
12742
icmp_addrmask_reply_ttl = <255
12743
icmp_addrmask_reply_ip_id = !0
12744
12745
#Module D
12746
icmp_info_reply = n
12747
icmp_info_reply_ttl = <255
12748
icmp_info_reply_ip_id = !0
12749
12750
#Module E
12751
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12752
icmp_unreach_reply = y
12753
icmp_unreach_echoed_dtsize = 8
12754
icmp_unreach_reply_ttl = <255
12755
icmp_unreach_precedence_bits = 0
12756
icmp_unreach_df_bit = 1
12757
icmp_unreach_ip_id = !0
12758
12759
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12760
icmp_unreach_echoed_udp_cksum = 0
12761
icmp_unreach_echoed_ip_cksum = 0
12762
icmp_unreach_echoed_ip_id = FLIPPED
12763
icmp_unreach_echoed_total_len = OK
12764
icmp_unreach_echoed_3bit_flags = FLIPPED
12765
12766
#Module F [TCP SYN | ACK Module]
12767
#IP header of the TCP SYN ACK
12768
tcp_syn_ack_tos = 0
12769
tcp_syn_ack_df = 0
12770
tcp_syn_ack_ip_id = !0
12771
tcp_syn_ack_ttl = <64
12772
12773
#Information from the TCP header
12774
tcp_syn_ack_ack = 1
12775
tcp_syn_ack_window_size = 16384
12776
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12777
tcp_syn_ack_wscale = 0
12778
tcp_syn_ack_tsval = !0
12779
tcp_syn_ack_tsecr = !0
12780
12781
#Module G [TCP RST|ACK]
12782
tcp_rst_reply = y
12783
tcp_rst_df = 0
12784
tcp_rst_ip_id_1 = !0
12785
tcp_rst_ip_id_2 = !0
12786
tcp_rst_ip_id_strategy = I
12787
tcp_rst_ttl = <64
12788
}
12789
12790
12791
fingerprint {
12792
OS_ID = "NetBSD 1.3.1"
12793
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12794
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12795
#Date: 12 July 2003
12796
#Modified: 12 July 2003
12797
12798
#Module A
12799
icmp_echo_reply = y
12800
12801
12802
icmp_echo_code = !0
12803
icmp_echo_ip_id = !0
12804
icmp_echo_tos_bits = !0
12805
icmp_echo_df_bit = 1
12806
icmp_echo_reply_ttl = <255
12807
12808
#Module B
12809
icmp_timestamp_reply = y
12810
icmp_timestamp_reply_ttl = <255
12811
icmp_timestamp_reply_ip_id = !0
12812
12813
#Module C
12814
icmp_addrmask_reply = n
12815
icmp_addrmask_reply_ttl = <255
12816
icmp_addrmask_reply_ip_id = !0
12817
12818
#Module D
12819
icmp_info_reply = n
12820
icmp_info_reply_ttl = <255
12821
icmp_info_reply_ip_id = !0
12822
12823
#Module E
12824
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12825
icmp_unreach_reply = y
12826
icmp_unreach_echoed_dtsize = 8
12827
icmp_unreach_reply_ttl = <255
12828
icmp_unreach_precedence_bits = 0
12829
icmp_unreach_df_bit = 1
12830
icmp_unreach_ip_id = !0
12831
12832
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12833
icmp_unreach_echoed_udp_cksum = 0
12834
icmp_unreach_echoed_ip_cksum = 0
12835
icmp_unreach_echoed_ip_id = FLIPPED
12836
icmp_unreach_echoed_total_len = OK
12837
icmp_unreach_echoed_3bit_flags = FLIPPED
12838
12839
#Module F [TCP SYN | ACK Module]
12840
#IP header of the TCP SYN ACK
12841
tcp_syn_ack_tos = 0
12842
tcp_syn_ack_df = 0
12843
tcp_syn_ack_ip_id = !0
12844
tcp_syn_ack_ttl = <64
12845
12846
#Information from the TCP header
12847
tcp_syn_ack_ack = 1
12848
tcp_syn_ack_window_size = 16384
12849
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12850
tcp_syn_ack_wscale = 0
12851
tcp_syn_ack_tsval = !0
12852
tcp_syn_ack_tsecr = !0
12853
12854
#Module G [TCP RST|ACK]
12855
tcp_rst_reply = y
12856
tcp_rst_df = 0
12857
tcp_rst_ip_id_1 = !0
12858
tcp_rst_ip_id_2 = !0
12859
tcp_rst_ip_id_strategy = I
12860
tcp_rst_ttl = <64
12861
}
12862
12863
12864
fingerprint {
12865
OS_ID = "NetBSD 1.3"
12866
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12867
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12868
#Date: 12 July 2003
12869
#Modified: 12 July 2003
12870
12871
#Module A
12872
icmp_echo_reply = y
12873
12874
12875
icmp_echo_code = !0
12876
icmp_echo_ip_id = !0
12877
icmp_echo_tos_bits = !0
12878
icmp_echo_df_bit = 1
12879
icmp_echo_reply_ttl = <255
12880
12881
#Module B
12882
icmp_timestamp_reply = y
12883
icmp_timestamp_reply_ttl = <255
12884
icmp_timestamp_reply_ip_id = !0
12885
12886
#Module C
12887
icmp_addrmask_reply = n
12888
icmp_addrmask_reply_ttl = <255
12889
icmp_addrmask_reply_ip_id = !0
12890
12891
#Module D
12892
icmp_info_reply = n
12893
icmp_info_reply_ttl = <255
12894
icmp_info_reply_ip_id = !0
12895
12896
#Module E
12897
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12898
icmp_unreach_reply = y
12899
icmp_unreach_echoed_dtsize = 8
12900
icmp_unreach_reply_ttl = <255
12901
icmp_unreach_precedence_bits = 0
12902
icmp_unreach_df_bit = 1
12903
icmp_unreach_ip_id = !0
12904
12905
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12906
icmp_unreach_echoed_udp_cksum = 0
12907
icmp_unreach_echoed_ip_cksum = 0
12908
icmp_unreach_echoed_ip_id = FLIPPED
12909
icmp_unreach_echoed_total_len = OK
12910
icmp_unreach_echoed_3bit_flags = FLIPPED
12911
12912
#Module F [TCP SYN | ACK Module]
12913
#IP header of the TCP SYN ACK
12914
tcp_syn_ack_tos = 0
12915
tcp_syn_ack_df = 0
12916
tcp_syn_ack_ip_id = !0
12917
tcp_syn_ack_ttl = <64
12918
12919
#Information from the TCP header
12920
tcp_syn_ack_ack = 1
12921
tcp_syn_ack_window_size = 16384
12922
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
12923
tcp_syn_ack_wscale = 0
12924
tcp_syn_ack_tsval = !0
12925
tcp_syn_ack_tsecr = !0
12926
12927
#Module G [TCP RST|ACK]
12928
tcp_rst_reply = y
12929
tcp_rst_df = 0
12930
tcp_rst_ip_id_1 = !0
12931
tcp_rst_ip_id_2 = !0
12932
tcp_rst_ip_id_strategy = I
12933
tcp_rst_ttl = <64
12934
}
12935
12936
12937
12938
#OpenBSD
12939
12940
fingerprint {
12941
OS_ID = "OpenBSD 3.6"
12942
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
12943
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
12944
#Date: 15 December 2004
12945
#Modified: -
12946
12947
#Module A
12948
icmp_echo_reply = y
12949
12950
12951
icmp_echo_code = !0
12952
icmp_echo_ip_id = !0
12953
icmp_echo_tos_bits = !0
12954
icmp_echo_df_bit = 1
12955
icmp_echo_reply_ttl = <255
12956
12957
#Module B
12958
icmp_timestamp_reply = y
12959
icmp_timestamp_reply_ttl = <255
12960
icmp_timestamp_reply_ip_id = !0
12961
12962
#Module C
12963
icmp_addrmask_reply = n
12964
icmp_addrmask_reply_ttl = <255
12965
icmp_addrmask_reply_ip_id = !0
12966
12967
#Module D
12968
icmp_info_reply = n
12969
icmp_info_reply_ttl = <255
12970
icmp_info_reply_ip_id = !0
12971
12972
#Module E
12973
#IP_Header_of_the_UDP_Port_Unreachable_error_message
12974
icmp_unreach_reply = y
12975
icmp_unreach_echoed_dtsize = 8
12976
icmp_unreach_reply_ttl = <255
12977
icmp_unreach_precedence_bits = 0
12978
icmp_unreach_df_bit = 0
12979
icmp_unreach_ip_id = !0
12980
12981
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
12982
icmp_unreach_echoed_udp_cksum = OK
12983
icmp_unreach_echoed_ip_cksum = OK
12984
icmp_unreach_echoed_ip_id = OK
12985
icmp_unreach_echoed_total_len = OK
12986
icmp_unreach_echoed_3bit_flags = OK
12987
12988
#Module F [TCP SYN | ACK Module]
12989
#IP header of the TCP SYN | ACK
12990
tcp_syn_ack_tos = 0
12991
tcp_syn_ack_df = 1
12992
tcp_syn_ack_ip_id = !0
12993
tcp_syn_ack_ttl = <64
12994
12995
#Information from the TCP header
12996
tcp_syn_ack_ack = 1
12997
tcp_syn_ack_window_size = 16384
12998
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
12999
tcp_syn_ack_wscale = 0
13000
tcp_syn_ack_tsval = !0
13001
tcp_syn_ack_tsecr = !0
13002
13003
#Module G [TCP RST|ACK]
13004
tcp_rst_reply = y
13005
tcp_rst_df = 1
13006
tcp_rst_ip_id_1 = !0
13007
tcp_rst_ip_id_2 = !0
13008
tcp_rst_ip_id_strategy = R
13009
tcp_rst_ttl = <64
13010
}
13011
13012
13013
fingerprint {
13014
OS_ID = "OpenBSD 3.5"
13015
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13016
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13017
#Date: 14 December 2004
13018
#Modified: -
13019
13020
#Module A
13021
icmp_echo_reply = y
13022
13023
13024
icmp_echo_code = !0
13025
icmp_echo_ip_id = !0
13026
icmp_echo_tos_bits = !0
13027
icmp_echo_df_bit = 1
13028
icmp_echo_reply_ttl = <255
13029
13030
#Module B
13031
icmp_timestamp_reply = y
13032
icmp_timestamp_reply_ttl = <255
13033
icmp_timestamp_reply_ip_id = !0
13034
13035
#Module C
13036
icmp_addrmask_reply = n
13037
icmp_addrmask_reply_ttl = <255
13038
icmp_addrmask_reply_ip_id = !0
13039
13040
#Module D
13041
icmp_info_reply = n
13042
icmp_info_reply_ttl = <255
13043
icmp_info_reply_ip_id = !0
13044
13045
#Module E
13046
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13047
icmp_unreach_reply = y
13048
icmp_unreach_echoed_dtsize = 8
13049
icmp_unreach_reply_ttl = <255
13050
icmp_unreach_precedence_bits = 0
13051
icmp_unreach_df_bit = 0
13052
icmp_unreach_ip_id = !0
13053
13054
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13055
icmp_unreach_echoed_udp_cksum = OK
13056
icmp_unreach_echoed_ip_cksum = OK
13057
icmp_unreach_echoed_ip_id = OK
13058
icmp_unreach_echoed_total_len = OK
13059
icmp_unreach_echoed_3bit_flags = OK
13060
13061
#Module F [TCP SYN | ACK Module]
13062
#IP header of the TCP SYN | ACK
13063
tcp_syn_ack_tos = 0
13064
tcp_syn_ack_df = 1
13065
tcp_syn_ack_ip_id = !0
13066
tcp_syn_ack_ttl = <64
13067
13068
#Information from the TCP header
13069
tcp_syn_ack_ack = 1
13070
tcp_syn_ack_window_size = 16384
13071
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13072
tcp_syn_ack_wscale = 0
13073
tcp_syn_ack_tsval = !0
13074
tcp_syn_ack_tsecr = !0
13075
13076
#Module G [TCP RST|ACK]
13077
tcp_rst_reply = y
13078
tcp_rst_df = 1
13079
tcp_rst_ip_id_1 = !0
13080
tcp_rst_ip_id_2 = !0
13081
tcp_rst_ip_id_strategy = R
13082
tcp_rst_ttl = <64
13083
}
13084
13085
13086
fingerprint {
13087
OS_ID = "OpenBSD 3.4"
13088
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13089
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13090
#Date: 14 December 2004
13091
#Modified: -
13092
13093
#Module A
13094
icmp_echo_reply = y
13095
13096
13097
icmp_echo_code = !0
13098
icmp_echo_ip_id = !0
13099
icmp_echo_tos_bits = !0
13100
icmp_echo_df_bit = 1
13101
icmp_echo_reply_ttl = <255
13102
13103
#Module B
13104
icmp_timestamp_reply = y
13105
icmp_timestamp_reply_ttl = <255
13106
icmp_timestamp_reply_ip_id = !0
13107
13108
#Module C
13109
icmp_addrmask_reply = n
13110
icmp_addrmask_reply_ttl = <255
13111
icmp_addrmask_reply_ip_id = !0
13112
13113
#Module D
13114
icmp_info_reply = n
13115
icmp_info_reply_ttl = <255
13116
icmp_info_reply_ip_id = !0
13117
13118
#Module E
13119
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13120
icmp_unreach_reply = y
13121
icmp_unreach_echoed_dtsize = 8
13122
icmp_unreach_reply_ttl = <255
13123
icmp_unreach_precedence_bits = 0
13124
icmp_unreach_df_bit = 0
13125
icmp_unreach_ip_id = !0
13126
13127
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13128
icmp_unreach_echoed_udp_cksum = OK
13129
icmp_unreach_echoed_ip_cksum = OK
13130
icmp_unreach_echoed_ip_id = OK
13131
icmp_unreach_echoed_total_len = OK
13132
icmp_unreach_echoed_3bit_flags = OK
13133
13134
#Module F [TCP SYN | ACK Module]
13135
#IP header of the TCP SYN | ACK
13136
tcp_syn_ack_tos = 0
13137
tcp_syn_ack_df = 1
13138
tcp_syn_ack_ip_id = !0
13139
tcp_syn_ack_ttl = <64
13140
13141
#Information from the TCP header
13142
tcp_syn_ack_ack = 1
13143
tcp_syn_ack_window_size = 17376
13144
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13145
tcp_syn_ack_wscale = 0
13146
tcp_syn_ack_tsval = !0
13147
tcp_syn_ack_tsecr = !0
13148
13149
#Module G [TCP RST|ACK]
13150
tcp_rst_reply = y
13151
tcp_rst_df = 1
13152
tcp_rst_ip_id_1 = !0
13153
tcp_rst_ip_id_2 = !0
13154
tcp_rst_ip_id_strategy = R
13155
tcp_rst_ttl = <64
13156
}
13157
13158
13159
fingerprint {
13160
OS_ID = "OpenBSD 3.3"
13161
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13162
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13163
#Date: 07 June 2003
13164
#Modified: 11 July 2003
13165
13166
#Module A
13167
icmp_echo_reply = y
13168
13169
13170
icmp_echo_code = !0
13171
icmp_echo_ip_id = !0
13172
icmp_echo_tos_bits = !0
13173
icmp_echo_df_bit = 1
13174
icmp_echo_reply_ttl = <255
13175
13176
#Module B
13177
icmp_timestamp_reply = y
13178
icmp_timestamp_reply_ttl = <255
13179
icmp_timestamp_reply_ip_id = !0
13180
13181
#Module C
13182
icmp_addrmask_reply = n
13183
icmp_addrmask_reply_ttl = <255
13184
icmp_addrmask_reply_ip_id = !0
13185
13186
#Module D
13187
icmp_info_reply = n
13188
icmp_info_reply_ttl = <255
13189
icmp_info_reply_ip_id = !0
13190
13191
#Module E
13192
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13193
icmp_unreach_reply = y
13194
icmp_unreach_echoed_dtsize = 8
13195
icmp_unreach_reply_ttl = <255
13196
icmp_unreach_precedence_bits = 0
13197
icmp_unreach_df_bit = 0
13198
icmp_unreach_ip_id = !0
13199
13200
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13201
icmp_unreach_echoed_udp_cksum = OK
13202
icmp_unreach_echoed_ip_cksum = BAD
13203
icmp_unreach_echoed_ip_id = OK
13204
icmp_unreach_echoed_total_len = <20
13205
icmp_unreach_echoed_3bit_flags = OK
13206
13207
#Module F [TCP SYN | ACK Module]
13208
#IP header of the TCP SYN | ACK
13209
tcp_syn_ack_tos = 0
13210
tcp_syn_ack_df = 1
13211
tcp_syn_ack_ip_id = !0
13212
tcp_syn_ack_ttl = <64
13213
13214
#Information from the TCP header
13215
tcp_syn_ack_ack = 1
13216
tcp_syn_ack_window_size = 17376
13217
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13218
tcp_syn_ack_wscale = 0
13219
tcp_syn_ack_tsval = !0
13220
tcp_syn_ack_tsecr = !0
13221
13222
#Module G [TCP RST|ACK]
13223
tcp_rst_reply = y
13224
tcp_rst_df = 1
13225
tcp_rst_ip_id_1 = !0
13226
tcp_rst_ip_id_2 = !0
13227
tcp_rst_ip_id_strategy = R
13228
tcp_rst_ttl = <64
13229
}
13230
13231
13232
fingerprint {
13233
OS_ID = "OpenBSD 3.2"
13234
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13235
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13236
#Date: 06 April 2003
13237
#Modified: 11 July 2003
13238
13239
#Module A
13240
icmp_echo_reply = y
13241
13242
13243
icmp_echo_code = !0
13244
icmp_echo_ip_id = !0
13245
icmp_echo_tos_bits = !0
13246
icmp_echo_df_bit = 1
13247
icmp_echo_reply_ttl = <255
13248
13249
#Module B
13250
icmp_timestamp_reply = y
13251
icmp_timestamp_reply_ttl = <255
13252
icmp_timestamp_reply_ip_id = !0
13253
13254
#Module C
13255
icmp_addrmask_reply = n
13256
icmp_addrmask_reply_ttl = <255
13257
icmp_addrmask_reply_ip_id = !0
13258
13259
#Module D
13260
icmp_info_reply = n
13261
icmp_info_reply_ttl = <255
13262
icmp_info_reply_ip_id = !0
13263
13264
#Module E
13265
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13266
icmp_unreach_reply = y
13267
icmp_unreach_echoed_dtsize = 8
13268
icmp_unreach_reply_ttl = <255
13269
icmp_unreach_precedence_bits = 0
13270
icmp_unreach_df_bit = 0
13271
icmp_unreach_ip_id = !0
13272
13273
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13274
icmp_unreach_echoed_udp_cksum = OK
13275
icmp_unreach_echoed_ip_cksum = BAD
13276
icmp_unreach_echoed_ip_id = OK
13277
icmp_unreach_echoed_total_len = <20
13278
icmp_unreach_echoed_3bit_flags = OK
13279
13280
#Module F [TCP SYN | ACK Module]
13281
#IP header of the TCP SYN | ACK
13282
tcp_syn_ack_tos = 0
13283
tcp_syn_ack_df = 1
13284
tcp_syn_ack_ip_id = !0
13285
tcp_syn_ack_ttl = <64
13286
13287
#Information from the TCP header
13288
tcp_syn_ack_ack = 1
13289
tcp_syn_ack_window_size = 17376
13290
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13291
tcp_syn_ack_wscale = 0
13292
tcp_syn_ack_tsval = !0
13293
tcp_syn_ack_tsecr = !0
13294
13295
#Module G [TCP RST|ACK]
13296
tcp_rst_reply = y
13297
tcp_rst_df = 1
13298
tcp_rst_ip_id_1 = !0
13299
tcp_rst_ip_id_2 = !0
13300
tcp_rst_ip_id_strategy = R
13301
tcp_rst_ttl = <64
13302
}
13303
13304
13305
fingerprint {
13306
OS_ID = "OpenBSD 3.1"
13307
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13308
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13309
#Date: 24 August 2002
13310
#Modified: 11 July 2003
13311
13312
#Module A
13313
icmp_echo_reply = y
13314
13315
13316
icmp_echo_code = !0
13317
icmp_echo_ip_id = !0
13318
icmp_echo_tos_bits = !0
13319
icmp_echo_df_bit = 1
13320
icmp_echo_reply_ttl = <255
13321
13322
#Module B
13323
icmp_timestamp_reply = y
13324
icmp_timestamp_reply_ttl = <255
13325
icmp_timestamp_reply_ip_id = !0
13326
13327
#Module C
13328
icmp_addrmask_reply = n
13329
icmp_addrmask_reply_ttl = <255
13330
icmp_addrmask_reply_ip_id = !0
13331
13332
#Module D
13333
icmp_info_reply = n
13334
icmp_info_reply_ttl = <255
13335
icmp_info_reply_ip_id = !0
13336
13337
#Module E
13338
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13339
icmp_unreach_reply = y
13340
icmp_unreach_echoed_dtsize = 8
13341
icmp_unreach_reply_ttl = <255
13342
icmp_unreach_precedence_bits = 0
13343
icmp_unreach_df_bit = 0
13344
icmp_unreach_ip_id = !0
13345
13346
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13347
icmp_unreach_echoed_udp_cksum = OK
13348
icmp_unreach_echoed_ip_cksum = BAD
13349
icmp_unreach_echoed_ip_id = OK
13350
icmp_unreach_echoed_total_len = <20
13351
icmp_unreach_echoed_3bit_flags = OK
13352
13353
#Module F [TCP SYN | ACK Module]
13354
#IP header of the TCP SYN | ACK
13355
tcp_syn_ack_tos = 0
13356
tcp_syn_ack_df = 1
13357
tcp_syn_ack_ip_id = !0
13358
tcp_syn_ack_ttl = <64
13359
13360
#Information from the TCP header
13361
tcp_syn_ack_ack = 1
13362
tcp_syn_ack_window_size = 17376
13363
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13364
tcp_syn_ack_wscale = 0
13365
tcp_syn_ack_tsval = !0
13366
tcp_syn_ack_tsecr = !0
13367
13368
#Module G [TCP RST|ACK]
13369
tcp_rst_reply = y
13370
tcp_rst_df = 1
13371
tcp_rst_ip_id_1 = !0
13372
tcp_rst_ip_id_2 = !0
13373
tcp_rst_ip_id_strategy = R
13374
tcp_rst_ttl = <64
13375
}
13376
13377
13378
fingerprint {
13379
OS_ID = "OpenBSD 3.0"
13380
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13381
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13382
#Date: 11 August 2002
13383
#Modified: 11 July 2003
13384
13385
#Module A
13386
icmp_echo_reply = y
13387
13388
13389
icmp_echo_code = !0
13390
icmp_echo_ip_id = !0
13391
icmp_echo_tos_bits = !0
13392
icmp_echo_df_bit = 1
13393
icmp_echo_reply_ttl = <255
13394
13395
#Module B
13396
icmp_timestamp_reply = y
13397
icmp_timestamp_reply_ttl = <255
13398
icmp_timestamp_reply_ip_id = !0
13399
13400
#Module C
13401
icmp_addrmask_reply = n
13402
icmp_addrmask_reply_ttl = <255
13403
icmp_addrmask_reply_ip_id = !0
13404
13405
#Module D
13406
icmp_info_reply = n
13407
icmp_info_reply_ttl = <255
13408
icmp_info_reply_ip_id = !0
13409
13410
#Module E
13411
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13412
icmp_unreach_reply = y
13413
icmp_unreach_echoed_dtsize = 8
13414
icmp_unreach_reply_ttl = <255
13415
icmp_unreach_precedence_bits = 0
13416
icmp_unreach_df_bit = 0
13417
icmp_unreach_ip_id = !0
13418
13419
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13420
icmp_unreach_echoed_udp_cksum = OK
13421
icmp_unreach_echoed_ip_cksum = BAD
13422
icmp_unreach_echoed_ip_id = OK
13423
icmp_unreach_echoed_total_len = <20
13424
icmp_unreach_echoed_3bit_flags = OK
13425
13426
#Module F [TCP SYN | ACK Module]
13427
#IP header of the TCP SYN | ACK
13428
tcp_syn_ack_tos = 0
13429
tcp_syn_ack_df = 1
13430
tcp_syn_ack_ip_id = !0
13431
tcp_syn_ack_ttl = <64
13432
13433
#Information from the TCP header
13434
tcp_syn_ack_ack = 1
13435
tcp_syn_ack_window_size = 17376
13436
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13437
tcp_syn_ack_wscale = 0
13438
tcp_syn_ack_tsval = !0
13439
tcp_syn_ack_tsecr = !0
13440
13441
#Module G [TCP RST|ACK]
13442
tcp_rst_reply = y
13443
tcp_rst_df = 1
13444
tcp_rst_ip_id_1 = !0
13445
tcp_rst_ip_id_2 = !0
13446
tcp_rst_ip_id_strategy = R
13447
tcp_rst_ttl = <64
13448
}
13449
13450
13451
fingerprint {
13452
OS_ID = "OpenBSD 2.9"
13453
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13454
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13455
#Date: 11 August 2002
13456
#Modified: 12 July 2003
13457
13458
#Module A
13459
icmp_echo_reply = y
13460
13461
13462
icmp_echo_code = !0
13463
icmp_echo_ip_id = !0
13464
icmp_echo_tos_bits = !0
13465
icmp_echo_df_bit = 1
13466
icmp_echo_reply_ttl = <255
13467
13468
#Module B
13469
icmp_timestamp_reply = y
13470
icmp_timestamp_reply_ttl = <255
13471
icmp_timestamp_reply_ip_id = !0
13472
13473
#Module C
13474
icmp_addrmask_reply = n
13475
icmp_addrmask_reply_ttl = <255
13476
icmp_addrmask_reply_ip_id = !0
13477
13478
#Module D
13479
icmp_info_reply = n
13480
icmp_info_reply_ttl = <255
13481
icmp_info_reply_ip_id = !0
13482
13483
#Module E
13484
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13485
icmp_unreach_reply = y
13486
icmp_unreach_echoed_dtsize = 8
13487
icmp_unreach_reply_ttl = <255
13488
icmp_unreach_precedence_bits = 0
13489
icmp_unreach_df_bit = 0
13490
icmp_unreach_ip_id = !0
13491
13492
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13493
icmp_unreach_echoed_udp_cksum = OK
13494
icmp_unreach_echoed_ip_cksum = OK
13495
icmp_unreach_echoed_ip_id = OK
13496
icmp_unreach_echoed_total_len = <20
13497
icmp_unreach_echoed_3bit_flags = OK
13498
13499
#Module F [TCP SYN | ACK Module]
13500
#IP header of the TCP SYN | ACK
13501
tcp_syn_ack_tos = 0
13502
tcp_syn_ack_df = 1
13503
tcp_syn_ack_ip_id = !0
13504
tcp_syn_ack_ttl = <64
13505
13506
#Information from the TCP header
13507
tcp_syn_ack_ack = 1
13508
tcp_syn_ack_window_size = 17376
13509
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13510
tcp_syn_ack_wscale = 0
13511
tcp_syn_ack_tsval = !0
13512
tcp_syn_ack_tsecr = !0
13513
13514
#Module G [TCP RST|ACK]
13515
tcp_rst_reply = y
13516
tcp_rst_df = 1
13517
tcp_rst_ip_id_1 = !0
13518
tcp_rst_ip_id_2 = !0
13519
tcp_rst_ip_id_strategy = R
13520
tcp_rst_ttl = <64
13521
}
13522
13523
13524
fingerprint {
13525
OS_ID = "OpenBSD 2.8"
13526
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13527
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13528
#Date: 11 August 2002
13529
#Modified: 12 July 2003
13530
13531
#Module A
13532
icmp_echo_reply = y
13533
13534
13535
icmp_echo_code = !0
13536
icmp_echo_ip_id = !0
13537
icmp_echo_tos_bits = !0
13538
icmp_echo_df_bit = 1
13539
icmp_echo_reply_ttl = <255
13540
13541
#Module B
13542
icmp_timestamp_reply = y
13543
icmp_timestamp_reply_ttl = <255
13544
icmp_timestamp_reply_ip_id = !0
13545
13546
#Module C
13547
icmp_addrmask_reply = n
13548
icmp_addrmask_reply_ttl = <255
13549
icmp_addrmask_reply_ip_id = !0
13550
13551
#Module D
13552
icmp_info_reply = n
13553
icmp_info_reply_ttl = <255
13554
icmp_info_reply_ip_id = !0
13555
13556
#Module E
13557
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13558
icmp_unreach_reply = y
13559
icmp_unreach_echoed_dtsize = 8
13560
icmp_unreach_reply_ttl = <255
13561
icmp_unreach_precedence_bits = 0
13562
icmp_unreach_df_bit = 0
13563
icmp_unreach_ip_id = !0
13564
13565
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13566
icmp_unreach_echoed_udp_cksum = OK
13567
icmp_unreach_echoed_ip_cksum = OK
13568
icmp_unreach_echoed_ip_id = OK
13569
icmp_unreach_echoed_total_len = <20
13570
icmp_unreach_echoed_3bit_flags = OK
13571
13572
#Module F [TCP SYN | ACK Module]
13573
#IP header of the TCP SYN | ACK
13574
tcp_syn_ack_tos = 0
13575
tcp_syn_ack_df = 0
13576
tcp_syn_ack_ip_id = !0
13577
tcp_syn_ack_ttl = <64
13578
13579
#Information from the TCP header
13580
tcp_syn_ack_ack = 1
13581
tcp_syn_ack_window_size = 17376
13582
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13583
tcp_syn_ack_wscale = 0
13584
tcp_syn_ack_tsval = !0
13585
tcp_syn_ack_tsecr = !0
13586
13587
#Module G [TCP RST|ACK]
13588
tcp_rst_reply = y
13589
tcp_rst_df = 0
13590
tcp_rst_ip_id_1 = !0
13591
tcp_rst_ip_id_2 = !0
13592
tcp_rst_ip_id_strategy = R
13593
tcp_rst_ttl = <64
13594
}
13595
13596
fingerprint {
13597
OS_ID = "OpenBSD 2.7"
13598
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13599
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13600
#Date: 11 August 2002
13601
#Modified: 12 July 2003
13602
13603
#Module A
13604
icmp_echo_reply = y
13605
13606
13607
icmp_echo_code = !0
13608
icmp_echo_ip_id = !0
13609
icmp_echo_tos_bits = !0
13610
icmp_echo_df_bit = 1
13611
icmp_echo_reply_ttl = <255
13612
13613
#Module B
13614
icmp_timestamp_reply = y
13615
icmp_timestamp_reply_ttl = <255
13616
icmp_timestamp_reply_ip_id = !0
13617
13618
#Module C
13619
icmp_addrmask_reply = n
13620
icmp_addrmask_reply_ttl = <255
13621
icmp_addrmask_reply_ip_id = !0
13622
13623
#Module D
13624
icmp_info_reply = n
13625
icmp_info_reply_ttl = <255
13626
icmp_info_reply_ip_id = !0
13627
13628
#Module E
13629
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13630
icmp_unreach_reply = y
13631
icmp_unreach_echoed_dtsize = 8
13632
icmp_unreach_reply_ttl = <255
13633
icmp_unreach_precedence_bits = 0
13634
icmp_unreach_df_bit = 0
13635
icmp_unreach_ip_id = !0
13636
13637
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13638
icmp_unreach_echoed_udp_cksum = OK
13639
icmp_unreach_echoed_ip_cksum = OK
13640
icmp_unreach_echoed_ip_id = OK
13641
icmp_unreach_echoed_total_len = <20
13642
icmp_unreach_echoed_3bit_flags = OK
13643
13644
#Module F [TCP SYN | ACK Module]
13645
#IP header of the TCP SYN | ACK
13646
tcp_syn_ack_tos = 0
13647
tcp_syn_ack_df = 0
13648
tcp_syn_ack_ip_id = !0
13649
tcp_syn_ack_ttl = <64
13650
13651
#Information from the TCP header
13652
tcp_syn_ack_ack = 1
13653
tcp_syn_ack_window_size = 17376
13654
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
13655
tcp_syn_ack_wscale = 0
13656
tcp_syn_ack_tsval = !0
13657
tcp_syn_ack_tsecr = !0
13658
13659
#Module G [TCP RST|ACK]
13660
tcp_rst_reply = y
13661
tcp_rst_df = 0
13662
tcp_rst_ip_id_1 = !0
13663
tcp_rst_ip_id_2 = !0
13664
tcp_rst_ip_id_strategy = R
13665
tcp_rst_ttl = <64
13666
}
13667
13668
fingerprint {
13669
OS_ID = "OpenBSD 2.6"
13670
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13671
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13672
#Date: 11 August 2002
13673
#Modified: 12 July 2003
13674
13675
#Module A
13676
icmp_echo_reply = y
13677
13678
13679
icmp_echo_code = !0
13680
icmp_echo_ip_id = !0
13681
icmp_echo_tos_bits = !0
13682
icmp_echo_df_bit = 1
13683
icmp_echo_reply_ttl = <255
13684
13685
#Module B
13686
icmp_timestamp_reply = y
13687
icmp_timestamp_reply_ttl = <255
13688
icmp_timestamp_reply_ip_id = !0
13689
13690
#Module C
13691
icmp_addrmask_reply = n
13692
icmp_addrmask_reply_ttl = <255
13693
icmp_addrmask_reply_ip_id = !0
13694
13695
#Module D
13696
icmp_info_reply = n
13697
icmp_info_reply_ttl = <255
13698
icmp_info_reply_ip_id = !0
13699
13700
#Module E
13701
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13702
icmp_unreach_reply = y
13703
icmp_unreach_echoed_dtsize = 8
13704
icmp_unreach_reply_ttl = <255
13705
icmp_unreach_precedence_bits = 0
13706
icmp_unreach_df_bit = 0
13707
icmp_unreach_ip_id = !0
13708
13709
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13710
icmp_unreach_echoed_udp_cksum = OK
13711
icmp_unreach_echoed_ip_cksum = OK
13712
icmp_unreach_echoed_ip_id = OK
13713
icmp_unreach_echoed_total_len = <20
13714
icmp_unreach_echoed_3bit_flags = OK
13715
13716
#Module F [TCP SYN | ACK Module]
13717
#IP header of the TCP SYN | ACK
13718
tcp_syn_ack_tos = 0
13719
tcp_syn_ack_df = 0
13720
tcp_syn_ack_ip_id = !0
13721
tcp_syn_ack_ttl = <64
13722
13723
#Information from the TCP header
13724
tcp_syn_ack_ack = 1
13725
tcp_syn_ack_window_size = 17376
13726
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
13727
tcp_syn_ack_wscale = 0
13728
tcp_syn_ack_tsval = !0
13729
tcp_syn_ack_tsecr = !0
13730
13731
#Module G [TCP RST|ACK]
13732
tcp_rst_reply = y
13733
tcp_rst_df = 0
13734
tcp_rst_ip_id_1 = !0
13735
tcp_rst_ip_id_2 = !0
13736
tcp_rst_ip_id_strategy = R
13737
tcp_rst_ttl = <64
13738
}
13739
13740
fingerprint {
13741
OS_ID = "OpenBSD 2.5"
13742
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13743
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13744
#Date: 11 August 2002
13745
#Modified: 12 July 2003
13746
13747
#Module A
13748
icmp_echo_reply = y
13749
13750
13751
icmp_echo_code = !0
13752
icmp_echo_ip_id = !0
13753
icmp_echo_tos_bits = !0
13754
icmp_echo_df_bit = 1
13755
icmp_echo_reply_ttl = <255
13756
13757
#Module B
13758
icmp_timestamp_reply = y
13759
icmp_timestamp_reply_ttl = <255
13760
icmp_timestamp_reply_ip_id = !0
13761
13762
#Module C
13763
icmp_addrmask_reply = n
13764
icmp_addrmask_reply_ttl = <255
13765
icmp_addrmask_reply_ip_id = !0
13766
13767
#Module D
13768
icmp_info_reply = n
13769
icmp_info_reply_ttl = <255
13770
icmp_info_reply_ip_id = !0
13771
13772
#Module E
13773
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13774
icmp_unreach_reply = y
13775
icmp_unreach_echoed_dtsize = 8
13776
icmp_unreach_reply_ttl = <255
13777
icmp_unreach_precedence_bits = 0
13778
icmp_unreach_df_bit = 0
13779
icmp_unreach_ip_id = !0
13780
13781
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13782
icmp_unreach_echoed_udp_cksum = OK
13783
icmp_unreach_echoed_ip_cksum = OK
13784
icmp_unreach_echoed_ip_id = OK
13785
icmp_unreach_echoed_total_len = OK
13786
icmp_unreach_echoed_3bit_flags = OK
13787
13788
#Module F [TCP SYN | ACK Module]
13789
#IP header of the TCP SYN | ACK
13790
tcp_syn_ack_tos = 0
13791
tcp_syn_ack_df = 0
13792
tcp_syn_ack_ip_id = !0
13793
tcp_syn_ack_ttl = <64
13794
13795
#Information from the TCP header
13796
tcp_syn_ack_ack = 1
13797
tcp_syn_ack_window_size = 17376
13798
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
13799
tcp_syn_ack_wscale = 0
13800
tcp_syn_ack_tsval = !0
13801
tcp_syn_ack_tsecr = !0
13802
13803
#Module G [TCP RST|ACK]
13804
tcp_rst_reply = y
13805
tcp_rst_df = 0
13806
tcp_rst_ip_id_1 = !0
13807
tcp_rst_ip_id_2 = !0
13808
tcp_rst_ip_id_strategy = R
13809
tcp_rst_ttl = <64
13810
}
13811
13812
fingerprint {
13813
OS_ID = "OpenBSD 2.4"
13814
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13815
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13816
#Date: 12 July 2003
13817
#Modified: 12 July 2003
13818
13819
#Module A
13820
icmp_echo_reply = y
13821
13822
13823
icmp_echo_code = !0
13824
icmp_echo_ip_id = !0
13825
icmp_echo_tos_bits = !0
13826
icmp_echo_df_bit = 1
13827
icmp_echo_reply_ttl = <255
13828
13829
#Module B
13830
icmp_timestamp_reply = y
13831
icmp_timestamp_reply_ttl = <255
13832
icmp_timestamp_reply_ip_id = !0
13833
13834
#Module C
13835
icmp_addrmask_reply = n
13836
icmp_addrmask_reply_ttl = <255
13837
icmp_addrmask_reply_ip_id = !0
13838
13839
#Module D
13840
icmp_info_reply = n
13841
icmp_info_reply_ttl = <255
13842
icmp_info_reply_ip_id = !0
13843
13844
#Module E
13845
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13846
icmp_unreach_reply = y
13847
icmp_unreach_echoed_dtsize = 8
13848
icmp_unreach_reply_ttl = <255
13849
icmp_unreach_precedence_bits = 0
13850
icmp_unreach_df_bit = 1
13851
icmp_unreach_ip_id = !0
13852
13853
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13854
icmp_unreach_echoed_udp_cksum = 0
13855
icmp_unreach_echoed_ip_cksum = 0
13856
icmp_unreach_echoed_ip_id = FLIPPED
13857
icmp_unreach_echoed_total_len = OK
13858
icmp_unreach_echoed_3bit_flags = FLIPPED
13859
13860
#Module F [TCP SYN | ACK Module]
13861
#IP header of the TCP SYN | ACK
13862
tcp_syn_ack_tos = 0
13863
tcp_syn_ack_df = 0
13864
tcp_syn_ack_ip_id = !0
13865
tcp_syn_ack_ttl = <64
13866
13867
#Information from the TCP header
13868
tcp_syn_ack_ack = 1
13869
tcp_syn_ack_window_size = 17520
13870
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
13871
tcp_syn_ack_wscale = 0
13872
tcp_syn_ack_tsval = !0
13873
tcp_syn_ack_tsecr = !0
13874
13875
#Module G [TCP RST|ACK]
13876
tcp_rst_reply = y
13877
tcp_rst_df = 0
13878
tcp_rst_ip_id_1 = !0
13879
tcp_rst_ip_id_2 = !0
13880
tcp_rst_ip_id_strategy = I
13881
tcp_rst_ttl = <64
13882
}
13883
13884
13885
#Sun Solaris
13886
13887
fingerprint {
13888
OS_ID = "Sun Solaris 10 (SunOS 5.10)"
13889
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13890
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13891
#Date: 16 December 2004
13892
#Modified:
13893
13894
#Module A
13895
icmp_echo_reply = y
13896
13897
13898
icmp_echo_code = !0
13899
icmp_echo_ip_id = !0
13900
icmp_echo_tos_bits = !0
13901
icmp_echo_df_bit = 1
13902
icmp_echo_reply_ttl = <255
13903
13904
#Module B
13905
icmp_timestamp_reply = n
13906
icmp_timestamp_reply_ttl = <255
13907
icmp_timestamp_reply_ip_id = !0
13908
13909
#Module C
13910
icmp_addrmask_reply = y
13911
icmp_addrmask_reply_ttl = <255
13912
icmp_addrmask_reply_ip_id = !0
13913
13914
#Module D
13915
icmp_info_reply = n
13916
icmp_info_reply_ttl = <255
13917
icmp_info_reply_ip_id = !0
13918
13919
#Module E
13920
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13921
icmp_unreach_reply = y
13922
icmp_unreach_echoed_dtsize = 64
13923
icmp_unreach_reply_ttl = <255
13924
icmp_unreach_precedence_bits = 0
13925
icmp_unreach_df_bit = 1
13926
icmp_unreach_ip_id = !0
13927
13928
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
13929
icmp_unreach_echoed_udp_cksum = OK
13930
icmp_unreach_echoed_ip_cksum = OK
13931
icmp_unreach_echoed_ip_id = OK
13932
icmp_unreach_echoed_total_len = OK
13933
icmp_unreach_echoed_3bit_flags = OK
13934
13935
#Module F [TCP SYN | ACK Module]
13936
#IP header of the TCP SYN | ACK
13937
tcp_syn_ack_tos = 0
13938
tcp_syn_ack_df = 1
13939
tcp_syn_ack_ip_id = !0
13940
tcp_syn_ack_ttl = <60
13941
13942
#Information from the TCP header
13943
tcp_syn_ack_ack = 1
13944
tcp_syn_ack_window_size = 49232
13945
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP MSS NOP WSCALE NOP NOP SACK"
13946
tcp_syn_ack_wscale = 0
13947
tcp_syn_ack_tsval = !0
13948
tcp_syn_ack_tsecr = !0
13949
13950
#Module G [TCP RST|ACK]
13951
tcp_rst_reply = y
13952
tcp_rst_df = 1
13953
tcp_rst_ip_id_1 = !0
13954
tcp_rst_ip_id_2 = !0
13955
tcp_rst_ip_id_strategy = I
13956
tcp_rst_ttl = <64
13957
}
13958
13959
fingerprint {
13960
OS_ID = "Sun Solaris 9 (SunOS 5.9)"
13961
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
13962
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
13963
#Date: 08 September 2002
13964
#Modified: 30 June 2003
13965
13966
#Module A
13967
icmp_echo_reply = y
13968
13969
13970
icmp_echo_code = !0
13971
icmp_echo_ip_id = !0
13972
icmp_echo_tos_bits = !0
13973
icmp_echo_df_bit = 1
13974
icmp_echo_reply_ttl = <255
13975
13976
#Module B
13977
icmp_timestamp_reply = y
13978
icmp_timestamp_reply_ttl = <255
13979
icmp_timestamp_reply_ip_id = !0
13980
13981
#Module C
13982
icmp_addrmask_reply = y
13983
icmp_addrmask_reply_ttl = <255
13984
icmp_addrmask_reply_ip_id = !0
13985
13986
#Module D
13987
icmp_info_reply = n
13988
icmp_info_reply_ttl = <255
13989
icmp_info_reply_ip_id = !0
13990
13991
#Module E
13992
#IP_Header_of_the_UDP_Port_Unreachable_error_message
13993
icmp_unreach_reply = y
13994
icmp_unreach_echoed_dtsize = 64
13995
icmp_unreach_reply_ttl = <255
13996
icmp_unreach_precedence_bits = 0
13997
icmp_unreach_df_bit = 1
13998
icmp_unreach_ip_id = !0
13999
14000
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
14001
icmp_unreach_echoed_udp_cksum = OK
14002
icmp_unreach_echoed_ip_cksum = OK
14003
icmp_unreach_echoed_ip_id = OK
14004
icmp_unreach_echoed_total_len = OK
14005
icmp_unreach_echoed_3bit_flags = OK
14006
14007
#Module F [TCP SYN | ACK Module]
14008
#IP header of the TCP SYN | ACK
14009
tcp_syn_ack_tos = 0
14010
tcp_syn_ack_df = 1
14011
tcp_syn_ack_ip_id = !0
14012
tcp_syn_ack_ttl = <60
14013
14014
#Information from the TCP header
14015
tcp_syn_ack_ack = 1
14016
tcp_syn_ack_window_size = 49232
14017
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP MSS NOP WSCALE NOP NOP SACK"
14018
tcp_syn_ack_wscale = 0
14019
tcp_syn_ack_tsval = !0
14020
tcp_syn_ack_tsecr = !0
14021
14022
#Module G [TCP RST|ACK]
14023
tcp_rst_reply = y
14024
tcp_rst_df = 1
14025
tcp_rst_ip_id_1 = !0
14026
tcp_rst_ip_id_2 = !0
14027
tcp_rst_ip_id_strategy = I
14028
tcp_rst_ttl = <64
14029
}
14030
14031
14032
fingerprint {
14033
OS_ID = "Sun Solaris 8 (SunOS 2.8)"
14034
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
14035
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
14036
#Date: 20 July 2002
14037
#Modified: 01 July 2003
14038
14039
#Module A
14040
icmp_echo_reply = y
14041
14042
14043
icmp_echo_code = !0
14044
icmp_echo_ip_id = !0
14045
icmp_echo_tos_bits = !0
14046
icmp_echo_df_bit = 1
14047
icmp_echo_reply_ttl = <255
14048
14049
#Module B
14050
icmp_timestamp_reply = y
14051
icmp_timestamp_reply_ttl = <255
14052
icmp_timestamp_reply_ip_id = !0
14053
14054
#Module C
14055
icmp_addrmask_reply = y
14056
icmp_addrmask_reply_ttl = <255
14057
icmp_addrmask_reply_ip_id = !0
14058
14059
#Module D
14060
icmp_info_reply = n
14061
icmp_info_reply_ttl = <255
14062
icmp_info_reply_ip_id = !0
14063
14064
#Module E
14065
icmp_unreach_reply = y
14066
icmp_unreach_echoed_dtsize = 64
14067
icmp_unreach_reply_ttl = <255
14068
icmp_unreach_precedence_bits = 0
14069
icmp_unreach_df_bit = 1
14070
icmp_unreach_ip_id = !0
14071
14072
icmp_unreach_echoed_udp_cksum = OK
14073
icmp_unreach_echoed_ip_cksum = OK
14074
icmp_unreach_echoed_ip_id = OK
14075
icmp_unreach_echoed_total_len = OK
14076
icmp_unreach_echoed_3bit_flags = OK
14077
14078
#Module F [TCP SYN | ACK Module]
14079
#IP header of the TCP SYN | ACK
14080
tcp_syn_ack_tos = 0
14081
tcp_syn_ack_df = 1
14082
tcp_syn_ack_ip_id = !0
14083
tcp_syn_ack_ttl = <60
14084
14085
#Information from the TCP header
14086
tcp_syn_ack_ack = 1
14087
tcp_syn_ack_window_size = 24616
14088
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE NOP NOP SACK MSS"
14089
tcp_syn_ack_wscale = 0
14090
tcp_syn_ack_tsval = !0
14091
tcp_syn_ack_tsecr = !0
14092
14093
#Module G [TCP RST|ACK]
14094
tcp_rst_reply = y
14095
tcp_rst_df = 1
14096
tcp_rst_ip_id_1 = !0
14097
tcp_rst_ip_id_2 = !0
14098
tcp_rst_ip_id_strategy = I
14099
tcp_rst_ttl = <64
14100
}
14101
14102
14103
fingerprint {
14104
OS_ID = "Sun Solaris 7 (SunOS 2.7)"
14105
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
14106
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
14107
#Date: 20 July 2002
14108
#Modified: 01 July 2003
14109
14110
#Module A
14111
icmp_echo_reply = y
14112
14113
14114
icmp_echo_code = !0
14115
icmp_echo_ip_id = !0
14116
icmp_echo_tos_bits = !0
14117
icmp_echo_df_bit = 1
14118
icmp_echo_reply_ttl = <255
14119
14120
#Module B
14121
icmp_timestamp_reply = y
14122
icmp_timestamp_reply_ttl = <255
14123
icmp_timestamp_reply_ip_id = !0
14124
14125
#Module C
14126
icmp_addrmask_reply = y
14127
icmp_addrmask_reply_ttl = <255
14128
icmp_addrmask_reply_ip_id = !0
14129
14130
#Module D
14131
icmp_info_reply = n
14132
icmp_info_reply_ttl = <255
14133
icmp_info_reply_ip_id = !0
14134
14135
#Module E
14136
icmp_unreach_reply = y
14137
icmp_unreach_echoed_dtsize = 64
14138
icmp_unreach_reply_ttl = <255
14139
icmp_unreach_precedence_bits = 0
14140
icmp_unreach_df_bit = 1
14141
icmp_unreach_ip_id = !0
14142
14143
icmp_unreach_echoed_udp_cksum = OK
14144
icmp_unreach_echoed_ip_cksum = OK
14145
icmp_unreach_echoed_ip_id = OK
14146
icmp_unreach_echoed_total_len = OK
14147
icmp_unreach_echoed_3bit_flags = OK
14148
14149
#Module F [TCP SYN | ACK Module]
14150
#IP header of the TCP SYN | ACK
14151
tcp_syn_ack_tos = 0
14152
tcp_syn_ack_df = 1
14153
tcp_syn_ack_ip_id = !0
14154
tcp_syn_ack_ttl = <255
14155
14156
#Information from the TCP header
14157
tcp_syn_ack_ack = 1
14158
tcp_syn_ack_window_size = 10136
14159
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE NOP NOP SACK MSS"
14160
tcp_syn_ack_wscale = 0
14161
tcp_syn_ack_tsval = !0
14162
tcp_syn_ack_tsecr = !0
14163
14164
#Module G [TCP RST|ACK]
14165
tcp_rst_reply = y
14166
tcp_rst_df = 1
14167
tcp_rst_ip_id_1 = !0
14168
tcp_rst_ip_id_2 = !0
14169
tcp_rst_ip_id_strategy = I
14170
tcp_rst_ttl = <64
14171
}
14172
14173
fingerprint {
14174
OS_ID = "Sun Solaris 6 (SunOS 2.6)"
14175
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
14176
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
14177
#Date: 20 July 2002
14178
#Modified: 30 June 2003
14179
14180
#Module A
14181
icmp_echo_reply = y
14182
14183
14184
icmp_echo_code = !0
14185
icmp_echo_ip_id = !0
14186
icmp_echo_tos_bits = !0
14187
icmp_echo_df_bit = 1
14188
icmp_echo_reply_ttl = <255
14189
14190
#Module B
14191
icmp_timestamp_reply = y
14192
icmp_timestamp_reply_ttl = <255
14193
icmp_timestamp_reply_ip_id = !0
14194
14195
#Module C
14196
icmp_addrmask_reply = y
14197
icmp_addrmask_reply_ttl = <255
14198
icmp_addrmask_reply_ip_id = !0
14199
14200
#Module D
14201
icmp_info_reply = n
14202
icmp_info_reply_ttl = <255
14203
icmp_info_reply_ip_id = !0
14204
14205
#Module E
14206
icmp_unreach_reply = y
14207
icmp_unreach_echoed_dtsize = 64
14208
icmp_unreach_reply_ttl = <255
14209
icmp_unreach_precedence_bits = 0
14210
icmp_unreach_df_bit = 1
14211
icmp_unreach_ip_id = !0
14212
14213
icmp_unreach_echoed_udp_cksum = OK
14214
icmp_unreach_echoed_ip_cksum = OK
14215
icmp_unreach_echoed_ip_id = OK
14216
icmp_unreach_echoed_total_len = OK
14217
icmp_unreach_echoed_3bit_flags = OK
14218
14219
#Module F [TCP SYN | ACK Module]
14220
#IP header of the TCP SYN | ACK
14221
tcp_syn_ack_tos = 0
14222
tcp_syn_ack_df = 1
14223
tcp_syn_ack_ip_id = !0
14224
tcp_syn_ack_ttl = <255
14225
14226
#Information from the TCP header
14227
tcp_syn_ack_ack = 1
14228
tcp_syn_ack_window_size = 10136
14229
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE MSS"
14230
tcp_syn_ack_wscale = 0
14231
tcp_syn_ack_tsval = !0
14232
tcp_syn_ack_tsecr = !0
14233
14234
#Module G [TCP RST|ACK]
14235
tcp_rst_reply = y
14236
tcp_rst_df = 1
14237
tcp_rst_ip_id_1 = !0
14238
tcp_rst_ip_id_2 = !0
14239
tcp_rst_ip_id_strategy = I
14240
tcp_rst_ttl = <64
14241
}
14242
14243
fingerprint {
14244
OS_ID = "Sun Solaris 2.5.1"
14245
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
14246
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
14247
#Date: 23 July 2003
14248
#Modified: 23 July 2003
14249
14250
#Module A
14251
icmp_echo_reply = y
14252
14253
14254
icmp_echo_code = !0
14255
icmp_echo_ip_id = !0
14256
icmp_echo_tos_bits = !0
14257
icmp_echo_df_bit = 1
14258
icmp_echo_reply_ttl = <255
14259
14260
#Module B
14261
icmp_timestamp_reply = y
14262
icmp_timestamp_reply_ttl = <255
14263
icmp_timestamp_reply_ip_id = !0
14264
14265
#Module C
14266
icmp_addrmask_reply = y
14267
icmp_addrmask_reply_ttl = <255
14268
icmp_addrmask_reply_ip_id = !0
14269
14270
#Module D
14271
icmp_info_reply = n
14272
icmp_info_reply_ttl = <255
14273
icmp_info_reply_ip_id = !0
14274
14275
#Module E
14276
icmp_unreach_reply = y
14277
icmp_unreach_echoed_dtsize = 64
14278
icmp_unreach_reply_ttl = <255
14279
icmp_unreach_precedence_bits = 0
14280
icmp_unreach_df_bit = 1
14281
icmp_unreach_ip_id = !0
14282
14283
icmp_unreach_echoed_udp_cksum = OK
14284
icmp_unreach_echoed_ip_cksum = OK
14285
icmp_unreach_echoed_ip_id = OK
14286
icmp_unreach_echoed_total_len = OK
14287
icmp_unreach_echoed_3bit_flags = OK
14288
14289
#Module F [TCP SYN | ACK Module]
14290
#IP header of the TCP SYN | ACK
14291
tcp_syn_ack_tos = 0
14292
tcp_syn_ack_df = 1
14293
tcp_syn_ack_ip_id = !0
14294
tcp_syn_ack_ttl = <255
14295
14296
#Information from the TCP header
14297
tcp_syn_ack_ack = 1
14298
tcp_syn_ack_window_size = 8760
14299
tcp_syn_ack_options_order = "MSS"
14300
tcp_syn_ack_wscale = NONE
14301
tcp_syn_ack_tsval = NONE
14302
tcp_syn_ack_tsecr = NONE
14303
14304
#Module G [TCP RST|ACK]
14305
tcp_rst_reply = y
14306
tcp_rst_df = 1
14307
tcp_rst_ip_id_1 = !0
14308
tcp_rst_ip_id_2 = !0
14309
tcp_rst_ip_id_strategy = I
14310
tcp_rst_ttl = <64
14311
}
14312
14313
14314
Loggerhead is a web-based interface for Breezy
Version: 2.0.1