After Tenable announced that they are going to have operating system detection based on Remote Desktop fingerprinting available to Direct Feed customers (http://blog.tenablesecurity.com/2007/10/windows-operati.html), I thought it would be great to figure out how they are doing that.
Unfortunately, I can't seem to locate any good technical documentation on how RDP does what it does. I considered looking at the Linux programs that use it (rdesktop) and trying to read their code, but I don't write code myself so it would be hit or miss. RDP is Microsoft's baby and I don't know where to look for in-depth docs on it.

Does anyone have a link or two to some helpful stuff that would help me break the code? Or will I just need to figure it out the hard way?

Thanks!

-Jason

--
NOTICE: This email is being sent in clear-text across the public Internet. Therefore, any attempts to include unenforceable legalese restrictions are ridiculous and pointless. If you can read this, consider yourself authorized (whether I like it or not).

_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev
