different database files than the earlier one / pf / tcpdump), ok giovanni@

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP). The tool can be operated in the foreground or as a daemon, and offers a simple real-time API (via unix domain sockets) for third-party components that wish to obtain additional information about the actors they are talking to.
14 lines
365 B
Plaintext
@comment $OpenBSD: PLIST,v 1.1.1.1 2015/01/08 22:03:20 sthen Exp $
@bin sbin/p0f3
share/doc/p0f3/
share/doc/p0f3/COPYING
share/doc/p0f3/ChangeLog
share/doc/p0f3/README
share/doc/p0f3/TODO
share/doc/p0f3/existential-notes.txt
share/doc/p0f3/extra-sigs.txt
share/examples/p0f3/
@sample ${SYSCONFDIR}/p0f/
share/examples/p0f3/p0f3.fp
@sample ${SYSCONFDIR}/p0f/p0f3.fp