For those of us in the information technology field, there are two reasons why we should understand operating system fingerprinting.
The first reason is to better design and implement security controls in networks and local machines.
The second reason is that effective OS fingerprinting is a vital penetration testing skill.
If an attacker can identify the operating systems that run on specific target machines, they can then learn which exact vulnerabilities to exploit. Each and every OS in deployment has unique bugs and vulnerabilities. When an exact OS is determined, it’s really easy to research what they are. That’s even often true when bug reports haven’t been sent to vendors already, and the corresponding patches have yet to be developed! So, hardening against OS fingerprinting can, in some cases, prevent zero-day attacks.
more here...........http://resources.infosecinstitute.com/must-know-os-fingerprinting/
The first reason is to better design and implement security controls in networks and local machines.
The second reason is that effective OS fingerprinting is a vital penetration testing skill.
If an attacker can identify the operating systems that run on specific target machines, they can then learn which exact vulnerabilities to exploit. Each and every OS in deployment has unique bugs and vulnerabilities. When an exact OS is determined, it’s really easy to research what they are. That’s even often true when bug reports haven’t been sent to vendors already, and the corresponding patches have yet to be developed! So, hardening against OS fingerprinting can, in some cases, prevent zero-day attacks.
more here...........http://resources.infosecinstitute.com/must-know-os-fingerprinting/