CAPEC-327: TCP Options Probe
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
This OS fingerprinting probe analyzes the type and order of any TCP header options present within a response segment. Most operating systems use unique ordering and different option sets when options are present. RFC 793 does not specify a required order when options are present, so different implementations use unique ways of ordering or structuring TCP options. TCP options can be generated by ordinary TCP traffic.
前提条件
- The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card.
所需资源
- A tool capable of sending and receiving packets from a remote system.
后果影响
影响范围: Confidentiality
技术影响: Read Data
影响范围: Confidentiality Access Control Authorization
技术影响: Bypass Protection Mechanism