9842074d8a
- Replace SED with SUBST.* - Improve DESCR - ok'ed snj@/wiz@ From the Changelog: Verison 2.0.4: -------------- More signatures. Improved documentation, mentions of p0f_db, etc. [BUG] Fixed a minor problem with installation on systems w/o /usr/man/. [BUG] Fixed a DLT_NULL problem, added a new loopback signature. Multiple timestamp options, timestamps now read from pcap dumps. Sync with new Windows port code. [BUG] Fixed one-line reporting for masquerade detection.
14 lines
591 B
Text
14 lines
591 B
Text
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the
|
|
operating system on:
|
|
|
|
- machines that connect to your box (SYN mode),
|
|
- machines you connect to (SYN+ACK mode),
|
|
- machine you cannot connect to (RST+ mode),
|
|
- machines whose communications you can observe.
|
|
|
|
P0f can also do many other tricks, and can detect or measure the following:
|
|
|
|
- firewall presence or masquerading (useful for policy enforcement),
|
|
- presence of a load balancer setup,
|
|
- the distance to the remote system and its uptime,
|
|
- other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
|