On 2022/11/13 19:13, Klemens Nanni wrote: > We also have this the newer version as of > > revision 1.1.1.1 > date: 2015/01/08 22:03:20; author: sthen; state: Exp; lines: +0 -0; > import security/p0f3 (separate non-conflicting port to p0f as the rewrite uses > different database files than the earlier one / pf / tcpdump), ok giovanni@ > > Any reason to still keep the old one around?
yes, this is the one which uses the same format as /etc/pf.os > I guess users should've migrated by now. > --- > Information for > https://cdn.openbsd.org/pub/OpenBSD/snapshots/packages/amd64/p0f-2.0.8p3.tgz > > Comment: > passive OS fingerprinting tool > > Description: > Passive OS fingerprinting technique based on information coming from a > remote host when it establishes a connection to our system. Captured > packets contain enough information to determine the remote OS. Unlike > active scanners like Nmap or QueSO, p0f identifies the remote OS without > sending anything to it. > > Maintainer: Nigel Taylor <ni...@openbsd.org> > > WWW: http://lcamtuf.coredump.cx/p0f.shtml > >
