Quote:
I noticed that Michal Zalewski has released a new version of P0f to
include many more passive OS detection techniques. Although this is
very different than the active Nmap approach, many of the techniques
can easily apply to active probing. I have been discussing them with
Michal and will probably add several to Nmap along with a list of
other OS detection tests I have been keeping. In particular, the
closed-TCP-port reset tests would be valuable against hosts that have
no reachable open ports. The use of the URG pointer and the WSS to
MSS/MTU correlation also have strong potential. This probably won't
happen until 2004 though, after version detection has stabilized and
some other Nmap-related projects are finished.
Quote:
Among other things, p0f v2 introduces SYN+ACK and RST+ support, advanced masquerade detection, major performance and reliability improvements, 16 new packet checks (many of them invented for p0f), a number of fingerprinting extensions (link detection, network detection, fw detection, ECN handling, source network detection, etc), a considerably more accurate and thought out OS database with wildcard support, service integration support, many usability features, some fairly important bug fixes.
