Operating System Fingerprinting Library

Presented at DEF CON 10 (2002), Aug. 2, 2002, noon (50 minutes)

This is a fingerprinting library designed to bring together the fingerprinting capabilities of NMAP, QueSO and X (at least version 1). Using this library you should be able to add operating-system-sensitive code to your favorite Perl, Java, C or C++ code. At the most basic level, the goal of this library is to provide a mechanism so that you can add code to your programs that reads:

    if(OS.Family == Windows Family) { 'do something' }
    if((OS.Name == Linux) && (OS.Kernel > 2.2)) { 'do something else' }

At the same time, the library will give you control over the execution of individual OS fingerprint tests. If you are interested in writing OS-sensitive code or researching OS fingerprinting, then this talk (and the code) are for you. Everything will be released under the GPL.

Presenters:

  • T3 - Fred Trotter, CISSP - Verisign threatguard.com
    In his first life Fred Trotter worked at the Air Force Information Warfare Center, and was a spook. But, while the Air Force let him work on cool stuff, which was good, it paid crappy, which was bad. So, Fred quit working as a spook and went to work for Rackspace. And there was much rejoicing. At Rackspace Fred Trotter tried to protect the largest installed base of RedHat servers in the world, and often succeeded. Then that contract ended abruptly and there was wailing and gnashing of teeth, for Fred had been paid well, and had gotten used to bank. Then, Lo, exault was hiring, and Fred Trotter applied and was hired, and there was much rejoicing, and the people did feast upon the lambs and sloths etc. Then after 40 days (more or less) exault was bought by VeriSign. Then 40 days (more or less) later the VeriSign stock price plummeted, and the beatings given it by Wall Street were not just, or holy. But, Verily, though his stock options were worthless, he still had a cool job with a cool company in a crappy economy; and there was much rejoicing.
