Detailedlikelihood: Mediumseverity: LowStable

CAPEC-323TCP (ISN) Counter Rate Probe

Abstraction
Detailed
Status
Stable
Likelihood
Medium
Severity
Low

Description

This OS detection probe measures the average rate of initial sequence number increments during a period of time. Sequence numbers are incremented using a time-based algorithm and are susceptible to a timing analysis that can determine the number of increments per unit time. The result of this analysis is then compared against a database of operating systems and versions to determine likely operation system matches.

Related weaknesses· 1

CWE-200

Related attack patterns· 1

CAPEC-312 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessExposure of Sensitive Information to an Unauthorized Actorcwe-200100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
TCP (ISN) Sequence Predictability Probe
CAPEC
TCP Sequence Number Probe
CAPEC
TCP (ISN) Greatest Common Divisor Probe
CAPEC
IP ID Sequencing Probe
CAPEC
TCP Initial Window Size Probe
CAPEC
TCP Timestamp Probe
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.