Well sat down and finally played with p0fv3...
DAMN that is fast! Reminds me how pathetically slow Satori is since I wander the .xml file EVERY packet that goes through instead of reading it in once, hashing it and doing a look up on that hash. Not sure how easy it will be, but after seeing how fast p0fv3 is (and prads in the past) just reminds me how much time I'm killing do to how I do lookups!
Anyway, back to p0fv3. Ran a 7 year old pcap file through it, there were about 7-10 devices that it didn't know. Mostly Netware 5 and 6 boxes, a few others that I don't know and would like to, and then a few XP ones that may have been because of the SP they were at or other services. Anyway, sent them on.
Very nice nice program as always mz!
Monday, February 13, 2012
Monday, February 6, 2012
Passive Aggressive Pwnage
15 min fire talk at Schmoocon 2012, mentions Satori in DHCP fingerprinting, which I was happy to see, missed the greater use of it, but at least it was mentioned!
Audio on this sucks, but was worth my 15 mins to listen to and get a few new ideas.
Thanks for the mention of Satori John!
Audio on this sucks, but was worth my 15 mins to listen to and get a few new ideas.
Thanks for the mention of Satori John!
Subscribe to:
Posts (Atom)