xprobeを使う
ICMPの応答時間や返し方などを計って対象ホストのOSを推測するというツールです。
説明を聞いて判るとおりハッキングツールの一種なので実行には注意してください。
実行結果例(LS-XHLからWinXPの11nクチに向かって実行)
$ sudo xprobe2 -v 192.168.1.102 Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu [+] Target is 192.168.1.102 [+] Loading modules. [+] Following modules are loaded: [x] [1] ping:icmp_ping - ICMP echo discovery module [x] [2] ping:tcp_ping - TCP-based ping discovery module [x] [3] ping:udp_ping - UDP-based ping discovery module [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation [x] [5] infogather:portscan - TCP and UDP PortScanner [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module [x] [12] fingerprint:smb - SMB fingerprinting module [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module [+] 13 modules registered [+] Initializing scan engine [+] Running scan engine [-] ping:tcp_ping module: no closed/open TCP ports known on 192.168.1.102. Module test failed [-] ping:udp_ping module: no closed/open UDP ports known on 192.168.1.102. Module test failed [-] No distance calculation. 192.168.1.102 appears to be dead or no ports known [+] Host: 192.168.1.102 is up (Guess probability: 50%) [+] Target: 192.168.1.102 is alive. Round-Trip Time: 0.00094 sec [+] Selected safe Round-Trip Time value is: 0.00189 sec [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known) [-] fingerprint:smb need either TCP port 139 or 445 to run [-] fingerprint:snmp: need UDP port 161 open [+] Primary guess: [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2003 Server Standard Edition" (Guess probability: 100%) [+] Other guesses: [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2003 Server Enterprise Edition" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows XP SP2" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows XP SP1" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows XP" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2000 Server Service Pack 4" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2000 Server Service Pack 3" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2000 Server Service Pack 2" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2000 Server Service Pack 1" (Guess probability: 100%) [+] Host 192.168.1.102 Running OS: "Microsoft Windows 2000 Server" (Guess probability: 100%) [+] Cleaning up scan engine [+] Modules deinitialized [+] Execution completed.
組み込み環境(LAN付き情報家電)のOS特定とかに使えるかな