[Lunar-commits] CVS: moonbase/security/p0f DETAILS,1.3,1.4

Chad Kittel v3rt1g0 at lunar-linux.org
Sun Mar 6 16:42:50 UTC 2005


Update of /var/cvs/lunar/moonbase/security/p0f
In directory espresso.foo-projects.org:/tmp/cvs-serv15260

Modified Files:
	DETAILS 
Log Message:
Version bump.  "Major feature enhancements" according to freshmeat.


Index: DETAILS
===================================================================
RCS file: /var/cvs/lunar/moonbase/security/p0f/DETAILS,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- DETAILS	5 Oct 2004 09:30:17 -0000	1.3
+++ DETAILS	6 Mar 2005 16:42:47 -0000	1.4
@@ -1,25 +1,31 @@
           MODULE=p0f
-         VERSION=2.0.4
+         VERSION=2.0.5
           SOURCE=$MODULE.tgz
 SOURCE_DIRECTORY=$BUILD_DIRECTORY/$MODULE
-   SOURCE_URL=http://lcamtuf.coredump.cx/
-   SOURCE_VFY=md5:7dc7a20c7678233381ed1dbc96d1f423
+      SOURCE_URL=http://lcamtuf.coredump.cx/
+      SOURCE_VFY=sha1:fb11a4138cad903072e3c8ef33316ac22b4ef8f4
         WEB_SITE=http://lcamtuf.coredump.cx/p0f.shtml
          ENTERED=20040216
-         UPDATED=20040715
-           SHORT="p0f v2 is a versatile passive OS fingerprinting tool."
+         UPDATED=20050304
+           SHORT="p0f v2 is a versatile passive OS fingerprinting tool"
 
 cat << EOF
-P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the system on:
-
-   - machines that connect to your box (SYN mode),
-   - machines you connect to (SYN+ACK mode),
-   - machine you cannot connect to (RST+ mode),
-   - machines that talk thru or near your box.
+P0f v2 is a versatile passive OS fingerprinting tool.  P0f can identify
+the operating system on:
+  - machines that connect to your box (SYN mode),
+  - machines you connect to (SYN+ACK mode),
+  - machine you cannot connect to (RST+ mode),
+  - machines whose communications you can observe.
 
-But checking the system is not all we can do, p0f will also check the following:
+P0f can also do many other tricks, and can detect or measure the 
+following:
+  - firewall presence, NAT use (useful for policy enforcement),
+  - existence of a load balancer setup,
+  - the distance to the remote system and its uptime,
+  - other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
 
-   - masquerading and firewall presence (useful for policy enforcement),
-   - the distance to the remote system and its uptime,
-   - other guy's network hookup (DSL, OC3, avian carriers) and his ISP. 
+All this even when the device in question is behind an overzealous packet
+firewall.  P0f does not generate ANY additional network traffic, direct
+or indirect. No name lookups, no mysterious probes, no ARIN queries, 
+nothing.
 EOF



More information about the Lunar-commits mailing list