Premium Content

Access "POF fingerprint scanning tools mitigate OS fingerprinting vulnerabilities"

Published: 02 Jun 2003

Tools that do operating system fingerprinting are a hacker's dream. They make it ridiculously simple to identify easy targets. Run Nmap against a target, learn what OS version it's running, and then look for a set of attack tools that can take out that particular release. If you place a POF sensor near one of your outgoing network connections, you can quickly build a map of machines and their OSes. Fortunately for us (the good guys), most fingerprinting scans leave distinctive patterns that are easily detected by a decent IDS. But aside from that, the good guys can also use a powerful OS fingerprinting technique called Passive Operating System Fingerprinting (POF). Several POF tools are available; the original is called "p0f" (with a zero), co-created by Michael Zalewski and Bill Stearns. POF is invisible, silent and nonintrusive. Unlike active fingerprinting tools such as Nmap, POF operates only as a sniffer and generates no packets. This is extremely important, because that means it won't interfere with legitimate traffic, and it won't force you and your ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free