A remotely accessible network processor-based router for network experimentation
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Comparing and improving current packet capturing solutions based on commodity hardware
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
A Passive Network Appliance for Real-Time Network Monitoring
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
| Hi-index | 0.00 |
Most critical security vulnerabilities depend on the OS. If a hacker finds a machine with a vulnerable OS, then he can attack the system. Network administrators can defend against OS-specific attacks if they can find vulnerable machines before hackers do, but physically checking or actively scanning a large network can take time and resources. This paper describes a modification of p0f implemented in the Linux kernel, called k-p0f, which is a tool for this problem. This paper describes the design of k-p0f and compares its performance to p0f with both laboratory-generated and real-world traffic.