• DocumentCode
    644289
  • Title
    k-p0f: A high-throughput kernel passive OS fingerprinter
  • Author
    Barnes, Jason ; Crowley, Patrick
  • Author_Institution
    Washington University in St. Louis, 1 Brookings Drive, Missouri 63130, USA
  • fYear
    2013
  • fDate
    21-22 Oct. 2013
  • Firstpage
    113
  • Lastpage
    114
  • Abstract
    Most critical security vulnerabilities depend on the OS. If a hacker finds a machine with a vulnerable OS, then he can attack the system. Network administrators can defend against OS-specific attacks if they can find vulnerable machines before hackers do, but physically checking or actively scanning a large network can take time and resources. This paper describes a modification of p0f implemented in the Linux kernel, called k-p0f, which is a tool for this problem. This paper describes the design of k-p0f and compares its performance to p0f with both laboratory-generated and real-world traffic.
  • Keywords
    Accuracy; Fingerprint recognition; Kernel; Laboratories; Monitoring; Security; Throughput; High-throughput; OS Fingerprinting; Passive; p0f;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Architectures for Networking and Communications Systems (ANCS), 2013 ACM/IEEE Symposium on
  • Conference_Location
    San Jose, CA, USA
  • Print_ISBN
    978-1-4799-1640-5
  • Type
    conf
  • DOI
    10.1109/ANCS.2013.6665187
  • Filename
    6665187