On Wed, 25 Sep 2002 10:33:52 +0200, "supermac2@inwind.it" <supermac2@inwind.it> said: > I'm Marco from Italy and I'm working on a security LAN project. > I have to analyze all the hosts on my ethernet relying on their > broadcast packets. If a tree doesn't fall in the forest, what sound doesn't it make? (Think about it - if a machine doesn't drop a broadcast packet, or not enough to analyze, what do you do?) > Where can I find a list of broadcast packets sent by all Operating > Sysyems?? A better approach would be to ask "What services use broadcast packets" and then ask what systems implement that service. Also, you may want to think about the following question: How do you distinguish between a Microsoft Windows system issuing a broadcast packet on port 139, and a Linux system running Samba issuing the same packet on port 139? You might want to ask yourself exactly what you're trying to accomplish by trying to fingerprint systems based only on broadcast packets? What problem will you solve by doing this? Is this just a "see if it can be done" project, or are you really expecting to get a major gain from it? If so, what gain are you expecting? -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
pgp00122.pgp
Description: PGP signature
