Detecting the Presence of Virtual Machines Using the Local Data Table - This paper describes a method for determining the presence of virtual machine emulation in a non-privileged operating environment. This attack is useful for triggering anti-virtualization attacks and evading analysis.
48ac374b43d646206bf8a59b9cc0aed6ac19a76791acaea176314b493393c68e
Remote physical device fingerprinting by exploiting small, microscopic deviations in device hardware: clock skews. Presents research showing accuracy equivalent to DNA matches, even when the target was hundreds of milliseconds away.
17e42aca61fb1e13d6384273c729283e39eb5b491370e0267bd70fdd7b2a8d12
Paper discussing utilization of port zero for OS fingerprinting and how to protect against it.
bbe9a71a165db0e8b2e6a2f2d5c437c544faf4ba99ad3d4c8737d4bf2ef584a0
Remote OS Detection using LPD Querying - Line printer daemons listening on TCP port 515 can give away information about which OS is running. Proof of concept code which contains a database of LPD returned messages and OS matches here.
cded128bdfd32167081a2f12af24098e14d48c17d622174b582fc793b3e6d45d
Examining Advanced Remote OS Detection Methods/Concepts using Perl - This paper discusses the theory and practice behind OS detection with a specific focus on the practice related to the PERL programming language. Methods and concepts for remote operating system detection are closely examined and implemented into Perl code.
42dc76c48a5bd38bca8b591b25e2bfb48e12b5dc3be5bf83200be9d48655549b
Pho's alternate remote OS detection techinques page has been updated. Includes information on ICMP techniques, ARP techniques, IP techniques, and UDP techniques.
8ad58add858120309dfa20fecd05c30e086888dd27674d03eb1a7771daeb0615