DocumentCode :
644289
Title :
k-p0f: A high-throughput kernel passive OS fingerprinter
Author :
Barnes, Jason ; Crowley, Patrick
Author_Institution :
Washington University in St. Louis, 1 Brookings Drive, Missouri 63130, USA
fYear :
2013
fDate :
21-22 Oct. 2013
Firstpage :
113
Lastpage :
114
Abstract :
Most critical security vulnerabilities depend on the OS. If a hacker finds a machine with a vulnerable OS, then he can attack the system. Network administrators can defend against OS-specific attacks if they can find vulnerable machines before hackers do, but physically checking or actively scanning a large network can take time and resources. This paper describes a modification of p0f implemented in the Linux kernel, called k-p0f, which is a tool for this problem. This paper describes the design of k-p0f and compares its performance to p0f with both laboratory-generated and real-world traffic.
Keywords :
Accuracy; Fingerprint recognition; Kernel; Laboratories; Monitoring; Security; Throughput; High-throughput; OS Fingerprinting; Passive; p0f;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Architectures for Networking and Communications Systems (ANCS), 2013 ACM/IEEE Symposium on
Conference_Location :
San Jose, CA, USA
Print_ISBN :
978-1-4799-1640-5
Type :
conf
DOI :
10.1109/ANCS.2013.6665187
Filename :
6665187