rootkit

DHCP Hacking & End OS detection

4 posts in this topic


Hi, I am new to this forum and need to know more about DHCP fingerprinting. Is there any way to hide the details of end OS?
Thank you for you patience 
Root

Edited by rootkit
;)
0

Share this post


Link to post
Share on other sites

http://nci.ca/tag/arubaos/
I found this blog while searching about DHCP fingerprinting. It says about an Aruba OS used to identify end OS. 
Last day I watched and learned fingerprinting form Kali Linux that was a good video. 
 I don't know about this Aruba, Someone please explain me about this one.Is this OS is related to any particular hardware

0

Share this post


Link to post
Share on other sites

It probably uses TCP/IP stack fingerprinting. Different operating systems use different default parameters in the way they send a DCHP request. Like: how many requests, timeout in requests, response timeouts, flags set.

 

To hide the o/s you could just set a static IP address. However, still, other TCP/IP parameters can be monitored in broadcast traffic and matches with known finger prints.  There are some parameters that can be changed: in Linux when compiling the kernel or in /proc/sys. Windows stores some in the registry.

 

To anser all your questions requires some research and you will probably need to do that for yourself. As for Aruba OS - there should be a hardware compatibility list. It probably uses the FreedBSD or Linux kernel. So you can  find out what kernel it uses and hardware support for that kernel.

 

Once I got to reading "Aruba" networks, and saw no download link. I'm guessing this Aruba O/S costs at least a few thousand dollars to implement and they will want another few grand shelled out for the slightest training.

 

You'll save yourself some hard earned dollars by research "TCP / IP Stack Finger Printing" and taking the time of looking into some good open source tools. 

0

Share this post


Link to post
Share on other sites

ArubaOS is the OS running on any Aruba wireless controller (like how Cisco has IOS). It's nothing special and it isn't the only way to fingerprint a host.

 

Some good info how an Aruba controller can fingerprint is here: https://community.arubanetworks.com/aruba/attachments/aruba/Aruba-VRDs/26/2/ArubaOS DHCP Fingerprinting.pdf

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now