Re: Passive OS Fingerprinting was Cisco CTR etc

From: Raistlin (raistlin_at_s0ftpj.org)
Date: 11/27/03


To: "Andy Cuff [Talisker]" <talisker@securitywizardry.com>, "Teicher, Mark (Mark)" <teicher@avaya.com>, "Ron Gula" <rgula@tenablesecurity.com>, <focus-ids@securityfocus.com>
Date: Thu, 27 Nov 2003 11:40:30 +0100


> LTNS ! I was under the impression that anti-sniff was (thinking of a
polite
> word) prone to false positives.

We @ s0ftpj played around with that concept some time ago. Sorry that some
documentation may be in Italian, but the code is basically there:
http://www.s0ftpj.org/tools/aasniff.tgz

We have also a couple of tools related with os fingerprinting, check out the
tools page:
http://www.s0ftpj.org/en/tools.html

Raistlin

S0ftPj - Digital Security for Y2K

---------------------------------------------------------------------------
---------------------------------------------------------------------------