SinFP is a new approach to OS fingerprinting, which bypasses
limitations that nmap has.
Nmap approaches to fingerprinting as shown to be efficient for years.
Nowadays, with the omni-presence of stateful filtering devices,
PAT/NAT configurations and emerging packet normalization technologies,
its approach to OS fingerprinting is becoming to be obsolete.
SinFP uses the aforementioned limitations as a basis for tests to be
obsolutely avoided in used frames to identify accurately the remote
operating system. That is, it only requires one open TCP port, sends
only fully standard TCP packets, and limits the number of tests to 2
or 3 (with only 1 test giving the OS reliably in most cases).
WWW: http://www.gomor.org/sinfp
