blob: 849b36e70aebd12ed94e2e8cd1addb173ede970f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>noherd</herd>
<maintainer>
<email>port001@gentoo.org</email>
<name>Ian Leitch</name>
</maintainer>
<longdescription>
The Siphon Project is a portable passive network mapping suite.
In the latest public version, Siphon passively maps TCP ports
and performs passive operating system detection.
Through the magic of RFC ambiguity and programmer uniqueness, different
machines exhibit telltale characteristics that enable Siphon to make a fairly
accurate guess at what operating system is running on machines sending packets
out over the wire. The beauty of this method is that our tool does not need
to send out a slew of non-RFC compliant packets that trip intrusion detection
systems. In fact, we send out no packets at all. Whereas nmap crashes some
machines and network hardware when performing its active OS detection tests,
Siphon would never crash remote machines. This tool could be used on active
production networks to detect that a Linux machine suddenly appeared in your
all Sun shop. As a side note, if used in conjunction with firewalling arp on
the machine you run Siphon from, it will be difficult to detect.
Siphon is available for UNIX and Win32.
</longdescription>
</pkgmetadata>
|
GitWeb
