#Xprobe2 Fingerprinting Database
#
#Last Modified: 11 July 2005
#
#$Id:
#
#Contributions are welcomed
#
#
#The fingerprinting database is (c) 2000-2005 by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev
#The database is available for free use by open source software under the terms of
#the GNU General Public License.
#
#For commercial usage please contact: ofir@sys-security.com
#
#
#
#Generic Section
generic {
timeout = 2
community_strings=public,private,router,community,snmp,cisco
}
#Fingerprints
#
#For corrections & submission of signatures please email
#ofir@sys-security.com
#
#
#Example entry
#
#fingerprint {
# OS_ID = "My OS"
# #Entry inserted to the database by: Moderator's name (email)
# #Entry contributed by: Contributer's name (email)
# #Date: Date entered into database
# #Modified: Date Modified
#
# #Module A [ICMP ECHO Probe]
# icmp_echo_reply = [y, n]
# icmp_echo_code = [0, !0]
# icmp_echo_ip_id = [0, !0, SENT]
# icmp_echo_tos_bits = [0, !0]
# icmp_echo_df_bit = [0, 1]
# icmp_echo_reply_ttl = [>< decimal num]
#
# #Module B [ICMP Timestamp Probe]
# icmp_timestamp_reply = [y, n]
# icmp_timestamp_reply_ttl = [>< decimal num]
# icmp_timestamp_reply_ip_id = [0, !0, SENT]
#
# #Module C [ICMP Address Mask Request Probe]
# icmp_addrmask_reply = [y, n]
# icmp_addrmask_reply_ttl = [>< decimal num]
# icmp_addrmask_reply_ip_id = [0, !0, SENT]
#
# #Module D [ICMP Information Request Probe]
# icmp_info_reply = [y, n]
# icmp_info_reply_ttl = [>< decimal num]
# icmp_info_reply_ip_id = [0, !0, SENT]
#
# #Module E [UDP -> ICMP Unreachable probe]
# #IP_Header_of_the_UDP_Port_Unreachable_error_message
# icmp_unreach_reply = [y, n]
# icmp_unreach_echoed_dtsize = [8, 64, >64]
# icmp_unreach_reply_ttl = [>< decimal num]
# icmp_unreach_precedence_bits = 0xc0, 0, (hex num)
# icmp_unreach_df_bit = [0 , 1 ]
# icmp_unreach_ip_id = [0, !0, SENT]
#
# #Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
# icmp_unreach_echoed_udp_cksum = [0, OK, BAD]
# icmp_unreach_echoed_ip_cksum = [0, OK, BAD]
# icmp_unreach_echoed_ip_id = [OK, FLIPPED]
# icmp_unreach_echoed_total_len = [>20, OK, <20]
# icmp_unreach_echoed_3bit_flags = [OK, FLIPPED]
#
# #Module F [TCP SYN | ACK Module]
# #IP header of the TCP SYN ACK
# tcp_syn_ack_tos = [0, <value>]
# tcp_syn_ack_df = [0 , 1 ]
# tcp_syn_ack_ip_id = [0 , !0, SENT ]
# tcp_syn_ack_ttl = [>< decimal num]
#
# #Information from the TCP header
# tcp_syn_ack_ack = [<value>]
# tcp_syn_ack_window_size = [<value>]
# tcp_syn_ack_options_order = ["order"]
# tcp_syn_ack_wscale = [<value>, NONE]
# tcp_syn_ack_tsval = [0, !0, NONE]
# tcp_syn_ack_tsecr = [0, !0, NONE]
#
# #Module G [TCP RST|ACK]
# tcp_rst_reply = [y ,n]
# tcp_rst_df = [0, 1]
# tcp_rst_ip_id_1 = [0, !0]
# tcp_rst_ip_id_2 = [0, !0]
# tcp_rst_ip_id_strategy = [0, I, R]
# tcp_rst_ttl = [>< decimal num]
#
#}
#AIX
fingerprint {
OS_ID = "AIX 5.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = >20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "AIX 4.3.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = >20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16060
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
#Apple
fingerprint {
OS_ID = "Apple Mac OS X 10.2.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.2.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 33304
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.3.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.4.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 6 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
fingerprint {
OS_ID = "Apple Mac OS X 10.4.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 6 June 2005
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = MSS NOP WSCALE NOP NOP TIMESTAMP
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsecr = !0
tcp_syn_ack_tsval = !0
#Module G
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = Darwin Kernel Version
}
#Cisco Systems
fingerprint {
OS_ID = "Cisco IOS 12.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 01 February 2005
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0x10
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 4128
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Cisco IOS 12.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 25 June 2002
#Modified: 25 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0x10
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 4128
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Cisco IOS 12.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 27 January 2002
#Modified: 25 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0x10
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 4128
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Cisco IOS 11.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 27 January 2002
#Modified: 25 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0x10
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 4128
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Cisco IOS 11.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 27 January 2002
#Modified: 25 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 2144
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Cisco IOS 11.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 27 January 2002
#Modified: 25 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = SENT
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = SENT
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = SENT
#Module D
icmp_info_reply = y
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = SENT
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 2144
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
#Foundry Networks
fingerprint {
OS_ID = "Foundry Networks IronWare Version 03.0.01eTc1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 20
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Foundry Networks IronWare Version 07.5.04T53"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Foundry Networks IronWare Version 07.5.05KT53"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Foundry Networks IronWare 07.6.01BT51"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Foundry Networks IronWare 07.6.04aT51"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Foundry Networks IronWare 07.7.01eT53"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
#FreeBSD
fingerprint {
OS_ID = "FreeBSD 5.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.4
}
fingerprint {
OS_ID = "FreeBSD 5.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.3
}
fingerprint {
OS_ID = "FreeBSD 5.2.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.2.1
}
fingerprint {
OS_ID = "FreeBSD 5.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.2
}
fingerprint {
OS_ID = "FreeBSD 5.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 25 June 2003
#Modified: 25 June 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.1
}
fingerprint {
OS_ID = "FreeBSD 5.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 5 April 2003
#Modified: 29 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
snmp_sysdescr = FreeBSD 5.0
}
fingerprint {
OS_ID = "FreeBSD 4.11"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.10"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 5 April 2003
#Modified: 29 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 5 April 2003
#Modified: 29 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.6.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 25 June 2003
#Modified: 25 June 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 20 March 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 57344
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 20 March 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 1
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 20 March 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.1.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 4.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 20 March 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 3.5.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 3.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 29 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 3.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 3.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 3.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 2.2.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "FreeBSD 2.2.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
#HP
fingerprint {
OS_ID = "HP UX 11.0x"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32768
tcp_syn_ack_options_order = "MSS NOP NOP SACK WSCALE NOP NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "HP UX 11.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 1 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32768
tcp_syn_ack_options_order = "MSS NOP NOP SACK WSCALE NOP NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "HP JetDirect ROM A.03.17 EEPROM A.04.09"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM A.05.03 EEPROM A.05.05"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM F.08.01 EEPROM F.08.05"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM F.08.08 EEPROM F.08.05"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM F.08.08 EEPROM F.08.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.05.34 EEPROM G.05.35"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.06.00 EEPROM G.06.00"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.07.17"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.07.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.02 EEPROM G.08.04"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.07.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.08.03"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.07.19 EEPROM G.08.04"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.08.08 EEPROM G.08.04"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM G.08.21 EEPROM G.08.21"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM H.07.15 EEPROM H.08.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <60
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <60
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <60
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <60
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <60
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <60
}
fingerprint {
OS_ID = "HP JetDirect ROM L.20.07 EEPROM L.20.24"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 04 July 2003
#Modified: 04 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 11680
tcp_syn_ack_options_order = "MSS NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "HP JetDirect ROM R.22.01 EEPROM L.24.08"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 February 2005
#Modified: -
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5840
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
#Linux
fingerprint {
OS_ID = "Linux Kernel 2.6.11"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 January 2005
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 2
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.10"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 4 January 2005
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 2
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 2
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 7
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.6.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.30"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.29"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 May 2005
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.28"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.27"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.26"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.25"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.24"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.23"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.22"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.21"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.19"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Linux Kernel 2.4.18"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.17"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.16"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.15"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.14"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.13"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.12"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.11"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.10"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 08 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.4 (I)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 15 February 2005
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = 0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = 0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = 0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = 0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.4.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 07 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = 0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = 0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = 0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = 0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = 0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = 0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 5792
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = 0
tcp_rst_ip_id_2 = 0
tcp_rst_ip_id_strategy = 0
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.26"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 19 December 2003
#Modified:
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.25"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.24"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.23"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.22"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.21"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.20"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.19"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.18"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.17"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.16"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.15"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.14"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.13"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.12"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.11"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.10"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.2.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 July 2003
#Modified: 13 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32120
tcp_syn_ack_options_order = "MSS SACK TIMESTAMP NOP WSCALE"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.0.36"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32736
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.0.34"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32736
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
fingerprint {
OS_ID = "Linux Kernel 2.0.30"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <64
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <64
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <64
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <64
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <64
icmp_unreach_precedence_bits = 0xc0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32736
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <255
}
#Microsoft
fingerprint {
OS_ID = "Microsoft Windows 2003 Server Enterprise Edition"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535,64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows Server 2003 5.2
smb_nativeos = Windows Server 2003 3790
}
fingerprint {
OS_ID = "Microsoft Windows 2003 Server Standard Edition"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 July 2003
#Modified: 14 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535,64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows Server 2003 5.2
smb_nativeos = Windows Server 2003 3790
}
fingerprint {
OS_ID = "Microsoft Windows XP SP2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 13 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_dtsize = >64
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.1
}
fingerprint {
OS_ID = "Microsoft Windows XP SP1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 19 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.1
}
fingerprint {
OS_ID = "Microsoft Windows XP"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 19 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.1
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Server Service Pack 4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 02 July 2003
#Modified: 02 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 65535,64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Server Service Pack 3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 March 2003
#Modified: 02 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 64240,17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Server Service Pack 2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 02 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Server Service Pack 1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 02 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Server"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Workstation SP4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Workstation SP3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Workstation SP2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Workstation SP1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows 2000 Workstation"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = 0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = < 128
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = Windows 2000 LAN Manager
smb_nativeos = Windows 5.0
}
fingerprint {
OS_ID = "Microsoft Windows Millennium Edition (ME)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 05 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = 0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 6a"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server Service Pack 1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Server"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 6a"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation Service Pack 1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows NT 4 Workstation"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 30 July 2002
#Modified: 05 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
smb_lanman = NT LAN Manager 4.0
smb_nativeos = Windows NT 4.0
}
fingerprint {
OS_ID = "Microsoft Windows 98 Second Edition (SE)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 05 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS NOP NOP SACK"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
}
fingerprint {
OS_ID = "Microsoft Windows 98"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 29 July 2002
#Modified: 14 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <128
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <128
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <128
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <128
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <128
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <128
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS NOP NOP SACK"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <128
}
fingerprint {
OS_ID = "Microsoft Windows 95"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 05 July 2003
#Modified: 05 July 2003
#Module A [ICMP ECHO Probe]
icmp_echo_reply = y
icmp_echo_code = 0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <32
#Module B [ICMP Timestamp Probe]
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <32
icmp_timestamp_reply_ip_id = !0
#Module C [ICMP Address Mask Request Probe]
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <32
icmp_addrmask_reply_ip_id = !0
#Module D [ICMP Information Request Probe]
icmp_info_reply = n
icmp_info_reply_ttl = <32
icmp_info_reply_ip_id = !0
#Module E [UDP -> ICMP Unreachable probe]
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <32
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <32
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <32
}
#NetBSD
fingerprint {
OS_ID = "NetBSD 2.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 32768
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.6.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.6.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 0
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = 0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.5.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.5.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.5.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 06 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.4.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.4.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.4.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.3.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 July 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.3.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.3.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "NetBSD 1.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
#OpenBSD
fingerprint {
OS_ID = "OpenBSD 3.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 15 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 15 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 16384
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 14 December 2004
#Modified: -
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.3"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 07 June 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.2"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 06 April 2003
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 24 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 3.0"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 11 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = BAD
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.9"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.8"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.7"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP NOP SACK NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.6"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = <20
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.5"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 11 August 2002
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 0
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17376
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = R
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "OpenBSD 2.4"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 12 July 2003
#Modified: 12 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = n
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 8
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = 0
icmp_unreach_echoed_ip_cksum = 0
icmp_unreach_echoed_ip_id = FLIPPED
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = FLIPPED
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 0
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <64
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 17520
tcp_syn_ack_options_order = "MSS NOP WSCALE NOP NOP TIMESTAMP"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 0
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
#Sun Solaris
fingerprint {
OS_ID = "Sun Solaris 10 (SunOS 5.10)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 16 December 2004
#Modified:
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = n
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 49232
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP MSS NOP WSCALE NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Sun Solaris 9 (SunOS 5.9)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 08 September 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
#IP_Header_of_the_UDP_Port_Unreachable_error_message
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
#Original_data_echoed_with_the_UDP_Port_Unreachable_error_message
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 49232
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP MSS NOP WSCALE NOP NOP SACK"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Sun Solaris 8 (SunOS 2.8)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 01 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <60
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 24616
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE NOP NOP SACK MSS"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Sun Solaris 7 (SunOS 2.7)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 01 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 10136
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE NOP NOP SACK MSS"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Sun Solaris 6 (SunOS 2.6)"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 20 July 2002
#Modified: 30 June 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 10136
tcp_syn_ack_options_order = "NOP NOP TIMESTAMP NOP WSCALE MSS"
tcp_syn_ack_wscale = 0
tcp_syn_ack_tsval = !0
tcp_syn_ack_tsecr = !0
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
fingerprint {
OS_ID = "Sun Solaris 2.5.1"
#Entry inserted to the database by: Ofir Arkin (ofir@sys-security.com)
#Entry Contributed by: Ofir Arkin (ofir@sys-security.com)
#Date: 23 July 2003
#Modified: 23 July 2003
#Module A
icmp_echo_reply = y
icmp_echo_code = !0
icmp_echo_ip_id = !0
icmp_echo_tos_bits = !0
icmp_echo_df_bit = 1
icmp_echo_reply_ttl = <255
#Module B
icmp_timestamp_reply = y
icmp_timestamp_reply_ttl = <255
icmp_timestamp_reply_ip_id = !0
#Module C
icmp_addrmask_reply = y
icmp_addrmask_reply_ttl = <255
icmp_addrmask_reply_ip_id = !0
#Module D
icmp_info_reply = n
icmp_info_reply_ttl = <255
icmp_info_reply_ip_id = !0
#Module E
icmp_unreach_reply = y
icmp_unreach_echoed_dtsize = 64
icmp_unreach_reply_ttl = <255
icmp_unreach_precedence_bits = 0
icmp_unreach_df_bit = 1
icmp_unreach_ip_id = !0
icmp_unreach_echoed_udp_cksum = OK
icmp_unreach_echoed_ip_cksum = OK
icmp_unreach_echoed_ip_id = OK
icmp_unreach_echoed_total_len = OK
icmp_unreach_echoed_3bit_flags = OK
#Module F [TCP SYN | ACK Module]
#IP header of the TCP SYN | ACK
tcp_syn_ack_tos = 0
tcp_syn_ack_df = 1
tcp_syn_ack_ip_id = !0
tcp_syn_ack_ttl = <255
#Information from the TCP header
tcp_syn_ack_ack = 1
tcp_syn_ack_window_size = 8760
tcp_syn_ack_options_order = "MSS"
tcp_syn_ack_wscale = NONE
tcp_syn_ack_tsval = NONE
tcp_syn_ack_tsecr = NONE
#Module G [TCP RST|ACK]
tcp_rst_reply = y
tcp_rst_df = 1
tcp_rst_ip_id_1 = !0
tcp_rst_ip_id_2 = !0
tcp_rst_ip_id_strategy = I
tcp_rst_ttl = <64
}
