TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during
standard layer 4 network communications. Which of the following tools can be used for passive OS
fingerprinting?
A.
nmap
B.
pingC. tracert
D.
tcpdump
The answer is D.tcpdump
What about tracert and ping? You can obtain the TTL with both tools and therefore determine the OS. I think that this question might be multichoice
Correct Answer: A
Explanation/Reference:
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
References: http://geek00l.blogspot.se/2007/04/tcpdump-privilege-dropping-passive-os.html
Ooops TCPDUMP
C.
Answer:
tcpdump
Explanation:
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
References: http://geek00l.blogspot.se/2007/04/tcpdump-privilege-dropping-passive-os.html
i think that nmap,ping, tracert work in layer 3
but the question mention layer 4 so the correct answer is tcpdump
D