An attacker engages in activity to detect the operating system or firmware
						version of a remote target by interrogating a device, server, or platform
						with a probe designed to solicit behavior that will reveal information about
						the operating systems or firmware in the environment. Operating System
						detection is possible because implementations of common protocols (Such as
						IP or TCP) differ in distinct ways. While the implementation differences are
						not sufficient to 'break' compatibility with the protocol the differences
						are detectable because the target will respond in unique ways to specific
						probing activity that breaks the semantic or logical rules of packet
						construction for a protocol. Different operating systems will have a unique
						response to the anomalous input, providing the basis to fingerprint the OS
						behavior. This type of OS fingerprinting can distinguish between operating
						system types and versions.