In a computing system, reconnaissance is often a typical first step in a targeted attack. An attacker must often learn of available services, software, and operating system configuration in order to determine how to best infiltrate a given system. This information can often be gathered directly or indirectly via specifically crafted network requests in an effort to exploit possible vulnerabilities of the system.
Current standard practices are to limit the information available to attackers via network services. For instance, a web server can be configured to refrain from revealing its name, version number, or installed modules. However, not all server applications can be configured in this way, and not all protocols allow for such minimal server information. In addition, attackers can often use other indirect information to determine server operating characteristics.
In some cases, attackers are capable of observing components and configurations of static target operational environments, and also information that is available through public fingerprinting technologies. Much of this information may be communicated through standard Internet browsing technologies available to users. For an attacker, obtaining this type of system information can lead to possible exploitation of the system.