Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They could use TCP time stamps to estimate the clock skew of devices, as they access web services.

See "Remote physical device fingerprinting - Tadayoshi Kohno, Andre Broido, kc claffy"



Doesn't nmap have a whole bunch of such fingerprints stored in a database?


Nmap only gives you information on the version of OS and of network applications.

e.g.

   nmap -sV 127.0.0.1

   Starting Nmap 5.00 ( http://nmap.org ) at 2010-12-01 18:28 GMT
   Interesting ports on localhost (127.0.0.1):
   Not shown: 997 closed ports
   PORT      STATE SERVICE   VERSION
   631/tcp   open  ipp       CUPS 1.4
   2000/tcp  open  callbook?
   24800/tcp open  kvm       Synergy KVM




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: