
p0f-new.tgz


Submitted: 2004-06-10
Submitted by: perky
Category: Sniffer
Platform: Unix/Linux
Size: 124708 Bytes
File MD5: 5fd6a34d968b5afdbb8a8572c8ddb434
Source: lcamtuf.coredump.cx

About:
p0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for evidence or information gathering on servers, firewalls, IDSes, and honeypots, for pen-testing, or just for the fun of it. It is a complete rewrite of p0f version 1 that used to be maintained by William Stearns.

Usage: p0f [ -f file ] [ -i device ] [ -s file ] [ -o file ]
       [ -w file ] [ -XVNDUKASCMLRqtpdlrx ]
       [ -c size]  [ -T nn ] [ 'filter rule' ]
  -f file   - read fingerprints from file
  -i device - listen on this device
  -s file   - read packets from tcpdump snapshot
  -o file   - write to this logfile (implies -t)
  -w file   - save packets to tcpdump snapshot
  -c size   - cache size for -Q and -M options
  -M        - run masquerade detection
  -T nn     - set masquerade detection threshold (1-200)
  -V        - verbose masquerade flags reporting
  -F        - use fuzzy matching (do not combine with -R)
  -N        - do not report distances and link media
  -D        - do not report OS details (just genre)
  -U        - do not display unknown signatures
  -K        - do not display known signatures (for tests)
  -S        - report signatures even for known systems
  -A        - go into SYN+ACK mode (semi-supported)
  -R        - go into RST/RST+ACK mode (semi-supported)
  -r        - resolve host names (not recommended)
  -q        - be quiet - no banner
  -p        - switch card to promiscuous mode
  -d        - daemon mode (fork into background)
  -l        - use single-line output (easier to grep)
  -x        - include full packet dump (for debugging)
  -X        - display payload string (useful in RST mode)
  -C        - run signature collision check
  -L        - list all available interfaces
  -t        - add timestamps to every entry

  'Filter rule' is an optional pcap-style BPF expression (man tcpdump).
