来源:http://pentestit.com/2009/05/23/tutorial-fingerprint-os/
Best way to fingerprint OS is manually , Yes there are many tools available today which wil ease your work.
fingerprint Tutorial : Best way to fingerprint OS
why to use tools when you can identify Operating systems through a single ping packet.
For ex.
when you ping windows 2003 machine
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
and when you ping red hat linux box
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
A good collection of OS / firmware with TTL for quick refrence
| OS / Firmware | TTL |
| Windows 98 | 128 |
| windows NT | 128 |
| Windows 2000 | 128 |
| Windows XP | 128 |
| Windows 2003 | 128 |
| Windows Vista | 128 |
| Windows 2008 | 128 |
| Linux RedHat All flavour | 63 |
| Linux Suse All flavour | 63 |
| Linux Ubantu | 63 |
| sun OS | 253 |
| Solaris | 253 |
| AIX | 60 |
| FreeBSD | 64 |
| HP/Ux 9.0x | 30 |
| HP/UX 10.x | 64 |
| Irix | 60 |
| OS/2 | 64 |
| OSF/1 | 60 |
| Ultrix | 60 |
| Netscreen Firewalls | 64 |
| Cisco Swith | 252 |
| Cisco routers | 252 |
| F5 | 60 |
| Nortel swith | 253 |
| Radware | 61 |
| Alteon | 251 |
Well there is a long list but then it will be confusing.
what we would suggest is to use this table to fingerprint major three Opertating Systems
Windows , Linux , solaris
Have fun !!!
