How we can determine the remote OS using simple TCP packets? Well, it's easy, they're packets that don't make any sense, so the RFCs don't clearly state what to answer in this case. Facing this ambiguity, each TCP/IP stack takes a different approach to the problem, and is why, we get a different response. In some cases (like Linux) programming mistakes make the OS detectable. QueSO sends: 0 SYN * THIS IS VALID, used to verify LISTEN 1 SYN+ACK 2 FIN 3 FIN+ACK 4 SYN+FIN 5 PSH 6 SYN+XXX+YYY * XXX & YYY are unused TCP flags All packets have a random seq_num and a 0x0 ack_num.
No homepage
None
None
None