A skilled ethical hacker was assigned to perform a thorough OS discovery on a potential target. They decided to adopt an advanced fingerprinting technique and sent a TCP packet to an open TCP port with specific flags enabled. Upon receiving the reply, they noticed the flags were SYN and ECN-Echo. Which test did the ethical hacker conduct and why was this specific approach adopted?
The test described involves sending a TCP packet with the SYN and ECN-Echo flags enabled to an open TCP port. When the target system responds with SYN and ECN-Echo flags, it allows the ethical hacker to determine the OS fingerprint based on this specific response. This technique leverages advanced fingerprinting by analyzing how the target system handles these particular flags, which is indicative of certain operating system behaviors.
Test 1: A TCP packet with the SYN and ECN-Echo flags enabled is sent to an open TCP port.
The answer is C, These are the new questions in the pool.
CEH V12 PG 333
Could someone help me confirm if this is correct
Could someone help me confirm if this is correct
Test 6: send to closed port. Test 2: send empty packet to open port. Test 3: send packet with set flags SYN|FIN|URG|PSH on open port without any options So the answer is Test 1: send packet with SYN flag with TCP options on open ports