blob: 6d725b92cf6b3ad84340c4fd3bb4950ec5a2492b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
P0f is a tool that utilizes an array of sophisticated, purely passive
traffic fingerprinting mechanisms to identify the players behind any
incidental TCP/IP communications (often as little as a single normal SYN)
without interfering in any way. Version 3 is a complete rewrite of the
original codebase, incorporating a significant number of improvements
to network-level fingerprinting, and introducing the ability to reason
about application-level payloads (e.g., HTTP).
To build and install the optional signature and API tools, specify
TOOLS=yes to the SlackBuild, for example
TOOLS=yes sh p0f.SlackBuild
If you are upgrading from p0f version 2.0.8, please note that the files
/etc/p0f/p0f{a,o,r}.fp are no longer used and can be removed.
|
