摘要
操作系统探测是网络攻防研究的一项重要内容,它既可以为安全检测服务,也可以为网络攻击提供基础。本文首先深入分析现有国内外操作系统探测工具存在的问题,然后在研究TCP报文结构的基础上提出了基于TCP报文分析的操作系统探测方法,并利用该方法实现了基于TCP报文的OS探测系统。系统能够直接对目标主机进行探测,分析操作系统类型、开放端口服务等。
Operating system detection is an important research aspect in network security. This information is useful for security analysis, and can also be used for the basis of network attacks. According to the shortcomings of the existing OS detection tools, based on the deep research of the structure of TCP packets, a method through TCP packets alteration is put forward, and the OS detection based on this method is implemented. The system can detect the host directly, and analyze the basic information such as OS types, and open services.
出处
《计算机工程与科学》
CSCD
2007年第6期32-35,共4页
Computer Engineering & Science
基金
国防预研基金资助项目(51419020105KG0110)
国家自然科学基金资助项目(60573136)
