Saturday, October 12, 2024
HomeComputer SecurityOperating Systems Can be Detected Using Ping Command

Operating Systems Can be Detected Using Ping Command

Published on

Malware protection

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host on an Internet Protocol (IP) network.

Ping operates by sending Internet Control Message Protocol (ICMP) Echo Request packets to the target host and waiting for an ICMP Echo Reply.

TTL is simply meant, how long a resolver is supposed to cache the DNS query before the query expires and a new one needs to be done.

- Advertisement - SIEM as a Service

These TTL values differ between the Operating system. Here you find the TTL value for the Range of servers. Reference subinsb.

Device / OSVersionProtocolTTL
AIX TCP60
AIX UDP30
AIX3.2, 4.1ICMP255
BSDIBSD/OS 3.1 and 4.0ICMP255
CompaTru64 v5.0ICMP64
Cisco ICMP254
DEC PathworksV5TCP and UDP30
Foundry ICMP64
FreeBSD2.1RTCP and UDP64
FreeBSD3.4, 4.0ICMP255
FreeBSD5ICMP64
HP-UX9.0xTCP and UDP30
HP-UX10.01TCP and UDP64
HP-UX10.2ICMP255
HP-UX11ICMP255
HP-UX11TCP64
Irix5.3TCP and UDP60
Irix6.xTCP and UDP60
Irix6.5.3, 6.5.8ICMP255
juniper ICMP64
MPE/IX (HP) ICMP200
Linux2.0.x kernelICMP64
Linux2.2.14 kernelICMP255
Linux2.4 kernelICMP255
LinuxRed Hat 9ICMP and TCP64
MacOS/MacTCP2.0.xTCP and UDP60
MacOS/MacTCPX (10.5.6)ICMP/TCP/UDP64
NetBSD ICMP255
Netgear FVG318 ICMP and UDP64
OpenBSD2.6 & 2.7ICMP255
OpenVMS07.01.2002ICMP255
OS/2TCP/IP 3.0 64
OSF/1V3.2ATCP60
OSF/1V3.2AUDP30
Solaris2.5.1, 2.6, 2.7, 2.8ICMP255
Solaris2.8TCP64
StratusTCP_OSICMP255
StratusTCP_OS (14.2-)TCP and UDP30
StratusTCP_OS (14.3+)TCP and UDP64
StratusSTCPICMP/TCP/UDP60
SunOS4.1.3/4.1.4TCP and UDP60
SunOS5.7ICMP and TCP255
UltrixV4.1/V4.2ATCP60
UltrixV4.1/V4.2AUDP30
UltrixV4.2 – 4.5ICMP255
VMS/Multinet TCP and UDP64
VMS/TCPware TCP60
VMS/TCPware UDP64
VMS/Wollongong1.1.1.1TCP128
VMS/Wollongong1.1.1.1UDP30
VMS/UCX TCP and UDP128
Windowsfor WorkgroupsTCP and UDP32
Windows95TCP and UDP32
Windows98ICMP32
Windows98, 98 SEICMP128
Windows98TCP128
WindowsNT 3.51TCP and UDP32
WindowsNT 4.0TCP and UDP128
WindowsNT 4.0 SP5- 32
WindowsNT 4.0 SP6+ 128
WindowsNT 4 WRKS SP 3, SP 6aICMP128
WindowsNT 4 Server SP4ICMP128
WindowsMEICMP128
Windows2000 proICMP/TCP/UDP128
Windows2000 familyICMP128
WindowsServer 2003 128
WindowsXPICMP/TCP/UDP128
WindowsVistaICMP/TCP/UDP128
Windows7ICMP/TCP/UDP128
WindowsServer 2008ICMP/TCP/UDP128
Windows10ICMP/TCP/UDP128

Operating Systems can be detected using Ping Command

We should run the traceroute command first to determine the hops between the Target and the destination.

tracert gbhackers.com

Operating Systems can be detected using Ping Command

Total number of hops = 11

Now Ping the Domain ping gbhackers.com

Operating Systems can be detected using Ping Command

TTL value is TTL=53, By making the Sum of the TTL value and the number of hops we can define the operating system (53 + 11 = 64), and we can conclude that there is a Linux Machine Running.

This is how Operating Systems can be detected using Ping Command.

You can follow us on LinkedinTwitter, and Facebook for daily Cybersecurity and Hacking New updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Linux Malware perfctl Attacking Millions of Linux Servers

Researchers have uncovered a sophisticated Linux malware, dubbed "perfctl," actively targeting millions of Linux...

macOS Sequoia Update Breaks Multiple Security Tools

Apple's latest operating system update, macOS 15, also known as Sequoia, has disrupted the...

Earth Lusca Using Multiplatform Backdoor to Attack Windows & Linux Machines

Earth Lusca is a suspected China-based cyber espionage group active since at least April...