Dark Mode
Capec-327 Detail
TCP Options Probe
Detailed Software Likelihood: Medium Typical Severity: Low
Parents: 312
Threats: T60 T80 T258 T288 T291 T302 T334 T392 T407
This OS fingerprinting probe analyzes the type and order of any TCP header options present within a response segment. Most operating systems use unique ordering and different option sets when options are present. RFC 793 does not specify a required order when options are present, so different implementations use unique ways of ordering or structuring TCP options. TCP options can be generated by ordinary TCP traffic.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-327 | capec | https://capec.mitre.org/data/definitions/327.html | |
| CWE-200 | cwe | http://cwe.mitre.org/data/definitions/200.html | |
| REF-33 | reference_from_CAPEC | Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed: Network Security Secrets & Solutions (6th Edition), 2009, McGraw Hill | |
| REF-128 | reference_from_CAPEC | http://www.faqs.org/rfcs/rfc793.html | Defense Advanced Research Projects Agency Information Processing Techniques Office, Information Sciences Institute University of Southern California, RFC793 - Transmission Control Protocol, 1981--09, Defense Advanced Research Projects Agency (DARPA) |
| REF-212 | reference_from_CAPEC | Gordon "Fyodor" Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (3rd "Zero Day" Edition,), 2008, Insecure.com LLC |
Not present
- The ability to monitor and interact with network communications.Access to at least one host, and the privileges to interface with the network interface card.
- A tool capable of sending and receiving packets from a remote system.
Not present
| Authorization | Access Control | Confidentiality |
|---|---|---|
| Bypass Protection Mechanism | Bypass Protection Mechanism | Read Data |
| Hide Activities | Hide Activities | Bypass Protection Mechanism |
| Hide Activities |
Not present