mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-24 00:45:52 +00:00
fc454f85a8
examines the sequence of client-server exchanges, their relative layer 7 payload sizes, and transmission intervals (as opposed to inspecting the contents, which is what most passive fingerprinters and "smart" sniffers would do to analyze transmissions). This is then matched against a database of traffic pattern signatures to infer some interesting facts about the traffic. PR: ports/106351 Submitted by: trasz <trasz at pin.if.uz.zgora.pl>
8 lines
440 B
Plaintext
8 lines
440 B
Plaintext
The tool is a simple flow-analyzing passive L7 fingerprinter. It
|
|
examines the sequence of client-server exchanges, their relative
|
|
layer 7 payload sizes, and transmission intervals (as opposed to
|
|
inspecting the contents, which is what most passive fingerprinters
|
|
and "smart" sniffers would do to analyze transmissions). This is
|
|
then matched against a database of traffic pattern signatures to
|
|
infer some interesting facts about the traffic.
|