SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE




YUM REPOSITORY

 
 

P0F

Section: User Commands (1)
Index 

NAME

p0f - identify remote systems passively 

SYNOPSIS

p0f[ -f file ] [ -i device ] [ -o file ] [ -s file ] [ -vKUtq ] [ 'filter rule' ]
 

DESCRIPTION

This manual page briefly documents thep0fcommand.

p0fuses a fingerprinting technique based on information comingfrom remote host when it tries to establish a connection to your system.Captured packet parameters contain enough information to determineremote OS - and, unlike active scanners (nmap, queSO) - this is donewithout sending anything to this host.

In short, there are certain TCP/IP flag settings specific for given systems.Usually initial TTL (8 bits), window size (16 bits), maximum segment size(16 bits), don't fragment flag (1 bit), sackOK option (1 bit), nop option(1 bit), window scaling option (8 bits), initial packet size (16 bits)vary from one TCP stack implementation to another, and, combined together,give unique, 67-bit signature for every system. 

OPTIONS

-f file
read fingerprint information from file
-i device
read packets from device
-s file
read packets from file
-o file
write output to file (best with -vt)
-v
verbose mode
-U
do not display unknown signatures
-K
do not display known signatures
-t
add timestamps
-q
quiet mode - do not display banners
-m file
send output to mysql server in 'file'
-g file
insert fprints from 'file' into sql (must be used with -m)
 

FILES

/etc/p0f.fp
default Operating System fingerprint file
 

AUTHOR

p0fwas written by Michal Zalewski <lcamtufAATTcoredump.cx>. This man page was written by William Stearns <wstearnsAATTpobox.com>


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
FILES
AUTHOR

This document was created byman2html,using the manual pages.
 
internet katowice