As we all know, the target host type can be judged through PING and TRACERT programs. The main purpose of ping is to detect whether the target host is connected.
TRACERT uses ICMP packets and packet headers to neutralize the TTL values in IP packets to prevent packets from constantly cycling on the IP interconnection layer without terminating.
Many intruders will first PING your machine. If you see a TTL value of 128, you can think that your system is WINDOWNT/2000. If the TTL value is 32, you think that the target host operating system is WINDOWS95/98. If the TTL value is 255/64, you think that it is UNIX/LIUX operating system. Since the intruder believes in the results reflected by the TTL value, we can modify the TTL value, and the intruder cannot invade the computer.
Operation steps:
1. Open the notepad file and write the batch file command:
@echo regedit4>>
@echo.>>
@echo[HKEY_LOCAL_MACHINE\SYSTEM\CURRENT_CONTROLSET\SERVICES\TCPIP\PARAMETERS]>>>
@echo "defaultTTL"=dword:"000000">>
@regedit /s /c
2. Save the written program as a batch file with the extension .bat. Click this file and the TT value of your operating system will be modified to ff, that is, 255 in decimal, which means that your operating system has artificially changed to UNIX system. At the same time, a registry file named after the folder where the file is located will be generated. If you want to run this batch file without generating the file, you can add deltree/y to the last line of the processing file and automatically delete the file without confirmation.
Article entry: dnbm Editor: dnbm