From the course: Threat Modeling: Information Disclosure in Depth
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Intentional disclosure
From the course: Threat Modeling: Information Disclosure in Depth
Intentional disclosure
- [Instructor] Processes handout data intentionally, all the time. If you connect to Microsoft's mail servers, they'll tell you their exact host name, the time, their time zone. Sadly, they're running in UTC. So I can't be all passive aggressive about them running on Seattle time, but I can ask, why do they feel a need to tell everyone that? Apache web servers, by default, send more information. Internet-scale scanning projects like Shondan gather this information. But even without such explicit banners, the behavior of systems can often be used to identify them. A mail server might respond differently to HELO and ELHO allowing someone to fingerprint it. These differences are at the heart of how Nmap does operating system identification. In today's world, it makes sense for processes to be conservative in what they send.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.