| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Sep 2003 15:11:01 -0400 From: "Parker, Jeff (MSE)" <jeff.t.parker@...com> To: "thetic" <thetic_1900@...mail.com>, "Michal Zalewski" <lcamtuf@...ttot.org>, <honeypots@...urityfocus.com>, <pen-test@...urityfocus.com>, <focus-ids@...urityfocus.com>, <sectools@...urityfocus.com> Cc: <incidents@...urityfocus.com>, <bugtraq@...urityfocus.com>, <full-disclosure@...sys.com> Subject: RE: Re: [tool] the new p0f 2.0.1 is now out Umer, Running p0f does not necessarily offer a stimulus/response test. Regarding detecting a machine with p0f installed/running, you may have better success simply trying to detect for any network adapter in promiscuous mode. And there's tons of info available on that... HTH, -jeff parker -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of thetic Sent: Thursday, September 04, 2003 2:20 PM To: Michal Zalewski; honeypots@...urityfocus.com; pen-test@...urityfocus.com; focus-ids@...urityfocus.com; sectools@...urityfocus.com Cc: incidents@...urityfocus.com; bugtraq@...urityfocus.com; full-disclosure@...sys.com Subject: [Full-Disclosure] Re: [tool] the new p0f 2.0.1 is now out Question concerning the the POF, how can we setup a IDS to detect a POF scan. umer _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists