CAPEC-317
IP ID Sequencing Probe
Moyen
Bas
Stable
2014-06-23
00h00 +00:00
00h00 +00:00
2018-07-31
00h00 +00:00
00h00 +00:00
Alerte pour un CAPEC
Restez informé de toutes modifications pour un CAPEC spécifique.
Descriptions du CAPEC
This OS fingerprinting probe analyzes the IP 'ID' field sequence number generation algorithm of a remote host. Operating systems generate IP 'ID' numbers differently, allowing an attacker to identify the operating system of the host by examining how is assigns ID numbers when generating response packets. RFC 791 does not specify how ID numbers are chosen or their ranges, so ID sequence generation differs from implementation to implementation. There are two kinds of IP 'ID' sequence number analysis - IP 'ID' Sequencing: analyzing the IP 'ID' sequence generation algorithm for one protocol used by a host and Shared IP 'ID' Sequencing: analyzing the packet ordering via IP 'ID' values spanning multiple protocols, such as between ICMP and TCP.
Informations du CAPEC
Faiblesses connexes
| Nom de la faiblesse | |
|---|---|
CWE-200 |
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Références
REF-33
Hacking Exposed: Network Security Secrets & SolutionsStuart McClure, Joel Scambray, George Kurtz.
REF-128
RFC793 - Transmission Control ProtocolDefense Advanced Research Projects Agency Information Processing Techniques Office, Information Sciences Institute University of Southern California.
http://www.faqs.org/rfcs/rfc793.html
REF-212
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security ScanningGordon "Fyodor" Lyon.
REF-130
The Art of Port ScanningGordon "Fyodor" Lyon.
http://phrack.org/issues/51/11.html
Soumission
| Nom | Organisation | Date | Date de publication |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Related_Attack_Patterns, Typical_Likelihood_of_Exploit | |
| CAPEC Content Team | The MITRE Corporation | Updated Description, Description Summary, References, Related_Weaknesses |
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.