VPN detection (P0f MTU)

Linux VPN detection (P0f MTU) V3

No permission to download
Please Login or Register to view content

1. What's this?

P0f is a tool that utilizes an array of sophisticated, purely passive traffic
fingerprinting mechanisms to identify the players behind any incidental TCP/IP
communications (often as little as a single normal SYN) without interfering in
any way.

Some of its capabilities include:

- Highly scalable and extremely fast identification of the operating system
and software on both endpoints of a vanilla TCP connection - especially in
settings where NMap probes are blocked, too slow, unreliable, or would
simply set off alarms,

- Measurement of system uptime and network hookup, distance (including
topology behind NAT or packet filters), and so on.

- Automated detection of connection sharing / NAT, load balancing, and
application-level proxying setups.

- Detection of dishonest clients / servers that forge declarative statements
such as X-Mailer or User-Agent.

The tool can be operated in the foreground or as a daemon, and offers a simple
real-time API for third-party components that wish to obtain additional
information about the actors they are talking to.

Common uses for p0f include reconnaissance during penetration tests; routine
network monitoring; detection of unauthorized network interconnects in corporate
environments; providing signals for abuse-prevention tools; and miscellanous
First release
Last update
0.00 star(s) 0 ratings

More resources from Marks-Man

detection mtu vpn