User Agent Strings

User agent strings act as another method to fingerprint a client. These characteristics range from identifying the browser to the type of OS that it is running on. The user agent string is simply a line of text that is returned whenever your browser connects to a website. The user agent string is based on the specific browser you are using and the OS that is installed on your computer. Here is an example of a user agent string from a Windows host:
Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0)
User agent strings are another way that systems can be identified, because the contents of this field vary from browser to browser. Each browser has its own distinctive string. Here is an explanation for the given example:
■ Mozilla version 5.0 —The Mozilla version is used for historical reasons because at one time, everyone wanted to be compatible with Netscape.
■ Windows NT 6.1 Operating System —Windows 7
■ WOW64 (Windows-On-Windows 64-bit) —A 32-bit application is running on a 64-bit processor.

■ Trident —This is the layout engine for the Windows version of Internet Explorer.
■ 7.0 —The Trident version is 7.0.
■ rv:11.0 —The host is using Internet Explorer 11.0.


From the standpoint of enumeration, it is important to realize that user agent strings are just another means to fi ngerprint and enumerate information about a specifi c system. As an example, the Electronic Freedom Foundation ran an experiment that determined that user agent strings provide about one third of the total information required to uniquely identify an Internet user.