While assessing an IoT segment, you encounter a device whose service banners are obfuscated. To uncover its underlying operating system, you transmit a series of deliberately malformed TCP and ICMP packets, then match the resulting replies against a database of known response fingerprints. Which information-gathering technique does this describe?
Parsing email-server log metadata for host details
Enumerating leaked cloud access keys and associated tags
Active OS fingerprinting with crafted network probes
Mining search-engine caches for historical domain content
Active OS fingerprinting relies on sending specially crafted network probes and comparing the target's replies with a library of known signatures. The unique combination of TTL values, window sizes, flag ordering, and other stack behaviors reveals the operating system. Reviewing logs, cached web pages, or cloud keys can expose useful clues but does not systematically compare response patterns to signature databases.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'sending carefully crafted requests' mean in penetration testing?
Open an interactive chat with Bash
How can reply patterns from crafted requests reveal the target system's environment?
Open an interactive chat with Bash
What tools can help generate and analyze carefully crafted requests in penetration testing?