exploits that can potentially be used to attack
                   further.

                   Active banner grabbing is the most common
                   form. Data received from the target, based on
                   the data requests sent. Different operating
                   system IP stacks respond differently to
                   specially crafted TCP request. Passive banner
                   grabbing is based on differential
                   implementation of the stack, based on various
                   ways an operating system responds to
                   packets, and uses sniffing techniques.

                   Tools that can be used to banner grab are:

                       •  ID Serve – can be used to identify the
                          make, model and version of website’s
                          server software. It can be used to
                          identify non-HTTP Internet servers
                          such as FTP, SMTP, POP, and NEWS
                       •  NetCat – a networking utility that read
                          and writes data across network
                          connections, with the help of the
                          TCP/IP protocol. It provides access to
                          outbound and inbound connections,
                          TCP or UDP to/from any ports.
                       •  NetCraft – it reports a site’s operating
                          system, web server, netblock owner. A
                          graphical view of the time since the last
                          reboot for each of the computers
                          serving the site.




                                                               419