Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 127 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Curious

mech9122
I was currious if anyone has heard of or knows how to detect such a useful tool as it appears. It is called pof. I have a link http://lcamtuf.coredump.cx/p0f.shtml

Does any one have an Idea as to wether ips can detect/stop such a tool?
Or would this be some form of pf rule. I am new to Astaro and most network
aspects,so be fair with this question. I do not remember where I found link
or anything. Or am I maybe worried slightly about nothing. One being able to
sit and watch your net without you knowing it brings thoughts to me.

Please give me some insight.

     Thank You


This thread was automatically locked due to age.
Parents
  • 0
    p0f is a passive fingerprinter. It does not generate any traffic.
    Therefore, it cannot be detected.

    No one can "watch your net" unless they have are able to sniff your traffic (by tapping into your connection, or compromising your servers or workstations).

    p0f can only see traffic that a remote user is allowed to generate... i.e. if I can surf your web page, then I can (passively) run p0f and maybe figure out what kind of web server you are running. 
    This is not something you should be particularly worried about, especially if you keep your public-facing servers patched and locked down.

    Barry
  • 0 in reply to BarryG
    Thanks for the reply. I kinda figured no go to detect,but wanted to ask. From what I read,very intresting. Thank you though.
Reply Children
No Data