1 # Highly b0gus Fingerprints
:
2 # Fingerprints for
Source_IP (sender
)
4 # icmp_type
:icmp_code
:initial_ttl
:dont_fragment
:ip_options
:ip_length
:ip_flags
:fragment_offset
:ip
-TOS
5 # fragment_offset is there for testing at the moment.
6 #
Do we need anything
else?
9 # http
://en.wikipedia.org
/wiki
/Internet_Control_Message_Protocol
10 # http
://phrack.org
/issues.html?issue
=57&id
=7#article
12 # icmp_type
: 0 Echo
Reply, 3 Destination Unreachable
, 8 Echo request...
13 # icmp_code
: Undercode for
type 3,5,11,12
14 # Example
: type3
,code9
= Destination Unreachable
,Network administratively prohibited
16 # Supports wildcarding
on all fields
, etc
: *:*:*:*:*:*:*:*:@SomeOS
:1.1
17 # Example
: 3:3:64:0:.
:*:0:0:@Linux
:2.6
21 8:0:64:1:.
:84:2:0:0:@Linux
:2.6
22 8:0:64:1:.
:28:2:0:0:@Linux
:2.6 fedora
23 #
8:0:64:1:.
:48:2:0:*:?
:?
24 # PWS
- Panter Web Server? panthercdn.com
25 8:0:32:0:.
:28:0:0:0:@Linux
:PWS
1.4.20/21
26 8:0:32:0:.
:28:0:0:128:@Linux
:PWS
1.4.22
28 #
0:0:64:0:.
:*:0:0:*:@Linux
:2.6
29 0:0:64:0:.
:84:0:0:0:@Linux
:2.6 (Pinged
by @Linux
)
30 0:0:64:0:.
:61:0:0:0:@Linux
:2.6 (Pinged
by @Windows
)
31 0:0:64:0:.
:60:0:0:0:@Linux
:2.6 (Pinged
by Vista (SP2
))
32 0:0:64:0:.
:28:0:0:0:@Linux
:2.6 (Pinged
by nmap
)
33 0:0:64:0:.
:64:0:0:0:@Linux
:2.6 (Pinged
by Superscan?
)
34 # Destination
Unreachable (3)
35 #
3:10:64:0:.
:88:0:0:0:@Linux
:2.6 fedora
36 3:10:64:0:.
:*:0:0:0:@Linux
:2.6 fedora
37 3:3:64:0:.
:*:0:0:192:@Linux
:2.6 (3)
38 3:3:64:0:.
:*:0:0:0:Linux
:2.6 (newer
, 7)
40 3:1:64:0:.
:*:0:0:192:@Linux
:2.6 (1)
41 3:0:64:0:.
:*:0:0:192:@Linux
:2.6 (0)
43 11:0:64:0:.
:*:0:0:0:@Linux
:2.6
47 8:0:64:0:.
:84:0:0:0:@FreeBSD
:7
49 0:0:64:1:.
:84:2:0:0:@FreeBSD
:7
51 4:0:64:1:.
:56:2:0:0:@FreeBSD
:Old?
56 #
0:0:255:1:.
:84:2:0:0:@OpenBSD
:4
60 8:0:128:0:.
:60:0:0:0:@Windows
:XP
/Vista
61 8:0:128:0:.
:61:0:0:32:@Windows
:122.121.26.114
62 8:0:32:0:.
:92:0:0:0:@Windows
:XP
/Vista tracert
63 8:0:32:0:.
:60:0:0:0:@Windows
:Vista
65 0:0:128:1:.
:84:2:0:0:@Windows
:2000, 2003, XP
, Vista
, 2008
66 0:0:64:1:.
:84:2:0:0:@Windows
:98
69 0:0:32:1:.
:84:2:0:0:@Sun
:Solaris?
(Pinged
by Linux
)
72 8:0:255:0:.
:84:0:0:0:@HP
:HP
-UX
73 8:0:32:0:.
:40:0:0:0:@HP
:HP
-UX traceroute
75 # Misc
/Wildcards
/Others
77 8:0:128:0:.
:61:0:0:0:@Windows
:MS?
78 8:0:64:0:.
:28:0:0:0:@nmap
:Ping
79 8:0:64:0:.
:64:0:0:0:@F5
:Big
-IP
80 8:0:64:0:.
:64:0:0:4:@F5
:Big
-IP
81 8:0:64:0:.
:69:0:0:0:Juniper
:NetScreen
82 8:0:255:0:.
:28:0:0:0:@Cisco
:7200, Catalyst
3500, etc
83 #
3:13:255:0:.
:56:0:0:0:?
:?
84 8:0:128:0:.
:64:0:0:0:@Misc
:87.238.157.6
87 0:0:64:0:.
:84:0:0:0:Juniper
:NetScreen
88 0:0:128:0:.
:84:0:0:0:@Misc
:Firewall
89 0:0:255:1:.
:84:2:0:0:@Misc
:Cisco
,3com
,OpenBSD
,Solaris (1)
90 0:0:255:1:.
:84:2:0:4:@Misc
:Cisco
,3com
,OpenBSD
,Solaris (2)
91 0:0:255:0:.
:84:0:0:0:@Misc
:F5 Big
-IP?
92 #
0:0:255:1:.
:84:2:0:0:@Cisco
:IOS
93 #
0:0:255:1:.
:84:2:0:0:@
3com
:wlan
-ruter
94 #
0:0:255:1:.
:84:2:0:0:@OpenBSD
:4
98 #
8:0:64:1:.
:84:2:0:0:@Win
/Lin
:??
99 #
8:0:64:0:.
:84:0:0:0:@Misc
:??
100 #
8:0:255:0:.
:28:0:0:0:@UNKNOWN
:??
101 #
8:0:64:0:.
:64:0:0:0:@UNKNOWN
:??
102 #
8:0:32:0:.
:28:0:0:0:@UNKNOWN
:??
103 #
8:0:128:1:.
:1348:2:0:0:@UNKNOWN
:59.163.221.40
104 #
8:0:128:1:.
:1428:2:0:0:@UNKNOWN
:59.163.221.40
105 #
8:0:128:1:.
:1228:2:0:0:@UNKNOWN
:59.163.221.40
108 #
0:0:64:0:.
:61:0:0:0:@UNKNOWN
:??
109 #
0:0:64:0:.
:36:0:0:0:@UNKNOWN
:??
113 #
11:0:255:0:.
:56:0:0:0
114 #
3:13:255:0:.
:56:0:0:0
115 #
3:3:255:0:.
:88:0:0:192:
116 #
11:0:255:1:.
:172:2:0:0
117 #
11:0:64:0:.
:96:0:0:0
