Satori OS fingerprinting framework v0.62 released
Satori uses WinPCap. This program listens on the wire for all traffic and does OS Identification based on what it sees. Main things it works to identify are: Windows Machines, HP devices (that use HP Switch Protocol), Cisco devices (that do CDP packets), IP Phones (that send out Skinny packets), and a lot of DHCP related stuff recently, plus some other things
Here is a great software for fingerprinting i’ve just known about (thanks to Thierry Zoller) via "ToolSubmit Service". In fact, as Eric Kollman (the author) said that all known tools (Siphon, p0f (now p0f 2), Ettercap, and a few others) actually all using the same tired method of fingerprinting the TCP Syn and Syn/ACK packets.
He argues : "The problem is they missed the rest of the IP stack, they targeted one area and never moved on from there."
For the whole explaination, please read the documentation that comes with the software.
Tool submitted by Thierry Zoller
Satori has been added to SD Tools Watch Process
Post scriptum
Compliance Mandates
|
Related Articles
| Enumeration |
|
| Footprinting |
|
| Network Monitoring |
|
| Satori |
|
