|
|
|
|
|
| 运行环境: Win9x/NT/2000/XP/2003 |
 |
文件大小: 0 K |
| 软件等级: ★★★ |
软件类别: 国产软件 |
| 开 发 商: 未知 |
软件语言: 英文 |
| 相关链接: 软件演示地址 软件注册地址 |
软件属性: 热 |
下载次数: 本日: 本周:
本月: 总计: |
授权方式: 免费版 |
| 解压密码: |
| 软件添加: 审核:admin 录入:admin |
添加时间: 2006-8-18 0:56:00 |
|
 |
About:
p0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for evidence or information gathering on servers, firewalls, IDSes, and honeypots, for pen-testing, or just for the fun of it. It is a complete rewrite of p0f version 1 that used to be maintained by William Stearns.
Usage: p0f [ -f file ] [ -i device ] [ -s file ] [ -o file ]
[ -w file ] [ -XVNDUKASCMLRqtpdlrx ]
[ -c size] [ -T nn ] [ 'filter rule' ]
-f file - read fingerprints from file
-i device - listen on this device
-s file - read packets from tcpdump snapshot
-o file - write to this logfile (implies -t)
-w file - save packets to tcpdump snapshot
-c size - cache size for -Q and -M options
-M - run masquerade detection
-T nn - set masquerade detection threshold (1-200)
-V - verbose masquerade flags reporting
-F - use fuzzy matching (do not combine with -R)
-N - do not report distances and link media
-D - do not report OS details (just genre)
-U - do not display unknown signatures
-K - do not display known signatures (for tests)
-S - report signatures even for known systems
-A - go into SYN+ACK mode (semi-supported)
-R - go into RST/RST+ACK mode (semi-supported)
-r - resolve host names (not recommended)
-q - be quiet - no banner
-p - switch card to promiscuous mode
-d - daemon mode (fork into background)
-l - use single-line output (easier to grep)
-x - include full packet dump (for debugging)
-X - display payload string (useful in RST mode)
-C - run signature collision check
-L - list all available interfaces
-t - add timestamps to every entry
'Filter rule' is an optional pcap-style BPF expression (man tcpdump).
|
|
|
