| 12345678910111213 |
- P0f is a tool that utilizes an array of sophisticated, purely passive
- traffic fingerprinting mechanisms to identify the players behind any
- incidental TCP/IP communications (often as little as a single normal SYN)
- without interfering in any way. Version 3 is a complete rewrite of the
- original codebase, incorporating a significant number of improvements to
- network-level fingerprinting, and introducing the ability to reason about
- application-level payloads (e.g., HTTP).
- The tool can be operated in the foreground or as a daemon, and offers a
- simple real-time API (via unix domain sockets) for third-party components
- that wish to obtain additional information about the actors they are
- talking to.
|
