IPv6 host fingerprint
MetadataShow full item record
This thesis explores ways of using probe packets to identify the type and version of OS that is run by a remote IPv6 host. Such a probing technique can be effective because developers of different OSes often interpret the guidance provided by the RFCs slightly differently, and consequently their network protocol stack implementation may generate responses bearing unique markers to certain probing packets. The key challenge is to find suitable probing packets for different OSes. Using a real IPv6 test bed, this thesis has evaluated both existing UDP-or-TCP-based and new IPv6-extension-header-based probing packets against a selected set of eight popular OSes. The results show that the UDP/TCP methods are also effective in an IPv6 environment and the extension header approach is worthy further study. There are evidences that OS fingerprinting is harder with IPv6. It might be due to the fact that given the experimental nature of IPv6, similar OSes tend to reuse IPv6 code. This conjecture requires further study. Finally, the thesis has also developed a method of crafting arbitrary IPv6 packets using the SmartBits system.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Fortner, Scott; Xie, Geoffrey G. (IEEE, 2017-05);As new network services and middleboxes proliferate, it is important to have reliable means to test these services and devices, and a common practice to generate realistic testing traffic is through replaying previously ...
Fountanas, Leonidas (Monterey, California. Naval Postgraduate School, 2001-12);This thesis develops active queue management mechanisms for real-time traffic for MANETs. Providing QoS for real-time applications is still an open issue as stated in RFC 2309. The proposed packet-dropping algorithm called ...
Kim, Jihye (Monterey, CA; Naval Postgraduate School, 2021-03);Web applications that process sensitive information have become prevalent. Modern web applications rely heavily on dynamic content (i.e., page updates made by the browser using an XMLHttpRequest, and more recently the ...