P0f: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 36: | Zeile 36: | ||
| params = generic fuzzy | | params = generic fuzzy | ||
| raw_sig = 4:63+1:0:1460:65535,6:mss,nop,ws,nop,nop,ts,sok,eol+1:df,ecn:0 | | raw_sig = 4:63+1:0:1460:65535,6:mss,nop,ws,nop,nop,ts,sok,eol+1:df,ecn:0 | ||
| + | | | ||
| + | `---- | ||
| + | </pre> | ||
| + | Android | ||
| + | *p0f -i eth0 'host 10.81.70.10 | ||
| + | <pre> | ||
| + | .-[ 10.81.70.10/56561 -> 216.58.207.67/443 (syn) ]- | ||
| + | | | ||
| + | | client = 10.81.70.10/56561 | ||
| + | | os = Linux 2.2.x-3.x | ||
| + | | dist = 1 | ||
| + | | params = generic | ||
| + | | raw_sig = 4:63+1:0:1460:65535,6:mss,sok,ts,nop,ws:df,id+:0 | ||
| | | | ||
`---- | `---- | ||
</pre> | </pre> | ||
Version vom 9. November 2017, 13:46 Uhr
OS Detection
- p0f -i eth0 'host 10.83.10.10'
Windows Server 2012
.-[ 10.83.10.10/51691 -> 192.168.214.46/443 (syn) ]- | | client = 10.83.10.10/51691 | os = Windows 7 or 8 | dist = 1 | params = fuzzy | raw_sig = 4:127+1:0:1460:8192,8:mss,nop,ws,nop,nop,sok:df,id+,ecn:0 | `----
- p0f -i eth0 'host 10.81.1.1'
Ubuntu 16.04
.-[ 10.81.1.1/58388 -> 172.16.21.194/443 (syn) ]- | | client = 10.81.1.1/58388 | os = Linux 3.11 and newer | dist = 1 | params = none | raw_sig = 4:63+1:0:1460:mss*20,7:mss,sok,ts,nop,ws:df,id+:0 | `----
Iphone IOS
- p0f -i eth0 'host 10.81.70.5
.-[ 10.81.70.5/61579 -> 17.248.146.147/443 (syn) ]- | | client = 10.81.70.5/61579 | os = Mac OS X | dist = 1 | params = generic fuzzy | raw_sig = 4:63+1:0:1460:65535,6:mss,nop,ws,nop,nop,ts,sok,eol+1:df,ecn:0 | `----
Android
- p0f -i eth0 'host 10.81.70.10
.-[ 10.81.70.10/56561 -> 216.58.207.67/443 (syn) ]- | | client = 10.81.70.10/56561 | os = Linux 2.2.x-3.x | dist = 1 | params = generic | raw_sig = 4:63+1:0:1460:65535,6:mss,sok,ts,nop,ws:df,id+:0 | `----