Saturday, July 20, 2024

Operating Systems Can be Detected Using Ping Command

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, used to find the Availability of a host on an Internet Protocol (IP) network.

Ping operates by sending Internet Control Message Protocol (ICMP) Echo Request packets to the target host and waiting for an ICMP Echo Reply.

TTL is simply meant, how long a resolver is supposed to cache the DNS query before the query expires and a new one needs to be done.

These TTL values differ between the Operating system. Here you find the TTL value for the Range of servers. Reference subinsb.

Device / OSVersionProtocolTTL
AIX3.2, 4.1ICMP255
BSDIBSD/OS 3.1 and 4.0ICMP255
CompaTru64 v5.0ICMP64
Cisco ICMP254
DEC PathworksV5TCP and UDP30
Foundry ICMP64
FreeBSD2.1RTCP and UDP64
FreeBSD3.4, 4.0ICMP255
HP-UX9.0xTCP and UDP30
HP-UX10.01TCP and UDP64
Irix5.3TCP and UDP60
Irix6.xTCP and UDP60
Irix6.5.3, 6.5.8ICMP255
juniper ICMP64
Linux2.0.x kernelICMP64
Linux2.2.14 kernelICMP255
Linux2.4 kernelICMP255
LinuxRed Hat 9ICMP and TCP64
MacOS/MacTCP2.0.xTCP and UDP60
MacOS/MacTCPX (10.5.6)ICMP/TCP/UDP64
Netgear FVG318 ICMP and UDP64
OpenBSD2.6 & 2.7ICMP255
OS/2TCP/IP 3.0 64
Solaris2.5.1, 2.6, 2.7, 2.8ICMP255
StratusTCP_OS (14.2-)TCP and UDP30
StratusTCP_OS (14.3+)TCP and UDP64
SunOS4.1.3/4.1.4TCP and UDP60
SunOS5.7ICMP and TCP255
UltrixV4.2 – 4.5ICMP255
VMS/Multinet TCP and UDP64
Windowsfor WorkgroupsTCP and UDP32
Windows95TCP and UDP32
Windows98, 98 SEICMP128
WindowsNT 3.51TCP and UDP32
WindowsNT 4.0TCP and UDP128
WindowsNT 4.0 SP5- 32
WindowsNT 4.0 SP6+ 128
WindowsNT 4 WRKS SP 3, SP 6aICMP128
WindowsNT 4 Server SP4ICMP128
Windows2000 proICMP/TCP/UDP128
Windows2000 familyICMP128
WindowsServer 2003 128
WindowsServer 2008ICMP/TCP/UDP128

Operating Systems can be detected using Ping Command

We should run the traceroute command first to determine the hops between the Target and the destination.


Operating Systems can be detected using Ping Command

Total number of hops = 11

Now Ping the Domain ping

Operating Systems can be detected using Ping Command

TTL value is TTL=53, By making the Sum of the TTL value and the number of hops we can define the operating system (53 + 11 = 64), and we can conclude that there is a Linux Machine Running.

This is how Operating Systems can be detected using Ping Command.

You can follow us on LinkedinTwitter, and Facebook for daily Cybersecurity and Hacking New updates.


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles