Articles Written by Eric Kollmann. Email xnih@cableone.net with feedback
Provided as-is.
(September, 2007) - Another paper in the 'Chatter on the Wire' series. I hope to do more of these as time permits, and with less time between them. This one looks at what was started in the original paper about using DHCP packets to identify the OS passively. We go beyond the original, though, and have quite a few OS fingerprints in the paper, along with using some new options beyond options 55, 60 and all the options as a whole.
(October, 2007) - Slide deck on our presentation for BH Japan. Info presented goes along with the data collected in the DHCP OS Fingerprinting paper above.
(August, 2005) - Paper I'm working on, based on what I've seen with DataDipper/Satori and other programs I've written over the years. Feedback and other info would be greatly appreciated. This is also in its infancy; I want to turn it into much more than it is now, but figured I'd throw it out for feedback also. The paper looks at a wide range of Active and Passive approaches to OS identification of devices on the network.