And I though MZ gave up on p0f after no updates to v2 in years. I guess I'm proven wrong....
== What's new ==
Version 3 is a complete rewrite, bringing you much improved SYN and SYN+ACK fingerprinting capabilities, auto-calibrated uptime measurements, completely redone databases and signatures, new API design, IPv6 support (who knows, maybe it even works?), stateful traffic inspection with thorough cross-correlation of collected data, application-level fingerprinting modules (for HTTP now, more to come),
and a lot more.
----
On my list to test in the near future and provide some new fingerprints. Assuming time permits and how well it works (I have no doubts well, but...), I will look at what it is doing and see if I can incorporate new stuff/ideas into a newer tcp plugin for Satori.
Subscribe To
Posts
Comments
No comments:
Post a Comment