[Discussion] OS Fingerprinting

Matt Jonkman jonkman at jonkmans.com
Fri Dec 19 20:15:42 UTC 2008


Decula in IRC had two great ideas. One was to use something like p0f to
do live OS fingerprinting.

That could be very useful for eliminating false positives and
identifying unusual behavior (ie a windows box running a telnet server, etc)

Adding this to the wiki, anyone have thoughts to add to that?

Matt

-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc





More information about the Discussion mailing list