Saturday, October 18, 2008

p0f - Passive Os Fingerprinting!

P0f is quite useful for gathering all kinds of profiling information about your users, customers or attackers (IDS, honeypot, firewall), tech espionage, active or passive policy enforcement (restricting access for certain systems or otherwise handling them differently; or detecting guys with illegal network hookups using masquerade detection), content optimization, pen-testing (especially with SYN+ACK and RST+ACK modes), thru-firewall fingerprinting... plus all the tasks active fingerprinting is suitable for. And, of course, it has a high coolness factor, even if you are not a sysadmin.

For more information visit:-

http://lcamtuf.coredump.cx/p0f.shtml