In this video we are going to capture these scans with dumpcap and examine how OS Fingerprinting works in Wireshark. It may seem like magic, and it kinda is, but we will take a look at how each crafted TCP/UDP/ICMP packet helps to determine the target OS.
//Downloads//
Download the Fingerprinting OS PCAPs and NMAP OS Database
https://packetpioneer.com/wp-content/uploads/nmap-OS-fingerprint.zip
You can also find the OS database in the /usr/share/nmap folder after installing nmap on a Linux system.
//Links//
NMAP OS Fingerprinting - https://nmap.org/book/osdetect-methods.html
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - https://bit.ly/udemywireshark
▶Getting Started with Nmap - https://bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - https://bit.ly/virtualwireshark
== Private Wireshark Training ==
Let's get in touch - https://packetpioneer.com/product/private-virtual-classroom/
//Timestamps//
0:00 Intro
0:45 Running the OS Fingerprinting Scan
2:43 Analyzing the scan in Wireshark
4:57 How OS Fingerprinting Works
8:58 Using the NMAP OS Database
10:30 Analyzing ICMP Behavior
12:06 Conclusion
This is important info to know for anyone going for their Pentest+, CEH, OSCP, eJPT, CySA+, or just about any other Cybersecurity Cert.