freebsd-ports/net/queso/pkg-descr

QueSO homepage -- http://www.apostols.org/projectz/queso/

How we can determine the remote OS using simple tcp packets?  Well,
it's easy, they're packets that don't make any sense, so the RFCs
don't clearly state what to answer in these kind of situations.
Facing this ambiguous, each TCP/IP stack takes a different approach
to the problem, and this way, we get a different response.  In some
cases (like Linux, to name one) some programming mistakes make the OS
detectable.

QueSO sends:

        0 SYN           * THIS IS VALID, used to verify LISTEN
        1 SYN+ACK       
        2 FIN
        3 FIN+ACK
        4 SYN+FIN
        5 PSH
        6 SYN+XXX+YYY   * XXX & YYY are unused TCP flags

All packets have a random seq_num and a 0x0 ack_num.
QueSO determines a remote OS by sending simple TCP packets and analysing the result. 1998-10-24 23:31:27 +00:00			`QueSO homepage -- http://www.apostols.org/projectz/queso/`

			`How we can determine the remote OS using simple tcp packets? Well,`
			`it's easy, they're packets that don't make any sense, so the RFCs`
			`don't clearly state what to answer in these kind of situations.`
			`Facing this ambiguous, each TCP/IP stack takes a different approach`
			`to the problem, and this way, we get a different response. In some`
			`cases (like Linux, to name one) some programming mistakes make the OS`
			`detectable.`

			`QueSO sends:`

			`0 SYN * THIS IS VALID, used to verify LISTEN`
			`1 SYN+ACK`
			`2 FIN`
			`3 FIN+ACK`
			`4 SYN+FIN`
			`5 PSH`
			`6 SYN+XXX+YYY * XXX & YYY are unused TCP flags`

			`All packets have a random seq_num and a 0x0 ack_num.`