group-icon
Hacker's Arena
Knowledge base and discussions group for Security enthusiasts
114 Members
Join this group to post and comment.
Naveen Sunil
Naveen Sunil
Information Technology
07 Jan 2019

Basic OS footprinting with Ping and Traceroute

It is simply possible to find or understand the OS a server is running on, using Ping and Traceroute.

Note: There are advanced tools to detect OS type, but this is one simple method that might not just be accurate if the datacenter routing traffic to a different subnet.

We would need the TTL value and sometimes the total number of hops made in traceroute for OS detection.

Below is a short table of OS with version and protocol details and the default values. These values differs between the Operating Systems.

Device / OS                            Default value            
*nix (Linux/Unix)64
Windows128
Solaris/AIX254


First we do a ping test to get the TTL value. Incase the TTL value does not match the given table value we will do a traceroute on the same domain to get the number of hops and sum the TTL value and number of hops. 

If ping TTL matches one of the table items then stop here. Else do traceroute and add TLL + Number for traceroute hops.

See the huge table at Default TTL (Time To Live) Values of Different OS


Piyush Rao
Piyush Rao
Communications
2mos ago

I have mac. Traceroute does not work on it. 😕 

Naveen Sunil
Naveen Sunil
Information Technology
2mos ago

@Piyush Rao you can use the network utility suite which can be launched from spotlight. Search for Network Utility.