Every individual has unique fingerprints by which that individual can be identified. Similarly, every device or system has its own unique information by which it can be identified.
OS fingerprinting is a technique used to identify the operating system of a target machine. With this information, the attacker/hacker determines the vulnerabilities and possible bugs that the targeted operating system may have. It allows the attacker/hacker to find the easiest way to gain access to the targeted system. It gathers information such as: operating system version, devices/hardware attached to the system, BIOS,
1. Active OS Fingerprinting
2. Passive OS Fingerprinting
Active fingerprinting is the most popular type of fingerprinting in use. It involves sending packets to a system and waiting for the system's responses to analyse. Put simply, it interacts with the targeted system either by social means, such as calling or emailing, or by technical means, such as scanning. This is the easiest way to detect a remote OS and network. It is also the most risky, as it can be easily detected by an IDS (Intrusion Detection System) and packet-filtering firewalls. The most used tool for active fingerprinting is Nmap.
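The IDS detection mentioned above can be sketched as follows. This is an added example, not code from the original article: it parses constructed IPv4/TCP packets and reports sources that send TCP flag combinations a normal stack never emits, which active fingerprinting tools such as Nmap use as probes. The flag patterns, the threshold and the sample addresses (documentation ranges) are assumptions chosen for illustration.

```python
import struct
from collections import defaultdict

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20

def classify_flags(flags):
    """Label flag combinations that normal TCP stacks do not send, else None."""
    flags &= 0x3F  # ignore the ECN bits
    if flags == 0:
        return "null-flags"
    if flags & SYN and flags & FIN:
        return "syn+fin"
    if flags & FIN and flags & PSH and flags & URG and not flags & ACK:
        return "fin+psh+urg"
    return None

def parse_ipv4_tcp(pkt):
    """Return (source IP, TCP flags byte) from a raw IPv4 packet, or None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:  # not IPv4 or not TCP
        return None
    ihl = (pkt[0] & 0x0F) * 4  # IP header length in bytes
    if ihl < 20 or len(pkt) < ihl + 14:  # truncated before the flags byte
        return None
    return ".".join(map(str, pkt[12:16])), pkt[ihl + 13]

def detect_probes(packets, threshold=2):
    """Report sources that sent >= threshold distinct anomalous flag patterns."""
    seen = defaultdict(set)
    for pkt in packets:
        parsed = parse_ipv4_tcp(pkt)
        label = classify_flags(parsed[1]) if parsed else None
        if label:
            seen[parsed[0]].add(label)
    return {s: sorted(p) for s, p in seen.items() if len(p) >= threshold}

def build(src, flags):
    """Constructed sample packet: minimal IPv4 + TCP headers, checksums zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes([192, 0, 2, 10]))
    tcp = struct.pack("!HHLLBBHHH", 40000, 80, 0, 0, 0x50, flags, 1024, 0, 0)
    return ip + tcp

# Constructed traffic: one probing source, one ordinary client.
SAMPLE = [build("198.51.100.7", f) for f in (SYN, 0, SYN | FIN | PSH | URG, FIN | PSH | URG)]
SAMPLE += [build("203.0.113.5", f) for f in (SYN, ACK | PSH, FIN | ACK)]

if __name__ == "__main__":
    print(detect_probes(SAMPLE))
```

Requiring several distinct patterns from one source keeps a single malformed packet from raising an alert.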
Passive OS fingerprinting examines the traffic on the network to determine the operating system.
The main difference between active and passive fingerprinting is that passive fingerprinting does not actively send packets to the targeted system. Instead, it acts as a network scanner in the form of a sniffer, simply watching the traffic on a network without altering it. As soon as the attacker has sniffed sufficient information, it can be analysed to extract patterns that will be useful for detecting the operating system.
Active OS Fingerprinting:
1. Nmap
2. RING
3. Xprobe
4. Xprobe2
Passive OS Fingerprinting:
1. p0f
3. Satori
4. NetworkMiner