Post Fri Feb 06, 2009 11:34 am

telnetrecon - server fingerprinting

The telnetrecon project is doing some research in the field of telnet server fingerprinting. The goal is the highly accurate identification of given telnetd implementations. This is very important within professional vulnerability analysis.

Besides the discussion of different approaches and the documentation of gathered results also an implementation for automated analysis is provided. This software shall improve the easyness and efficiency of this kind of enumeration. The main approach is the fingerprinting of the telnet options negotiation initiated by the server part. Some basic ideas of application fingerprinting were discussed in the book Die Kunst des Penetration Testing (Chapter 9, Application Fingerprinting).

Will look into it soon =)