Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS Fingerprinting in OpenBSD's PF Firewall

Posted by Hemos on from the filtering-it-through dept.

Dan writes "Mike Frantzen has committed "Passive operating system fingerprinting" to PF which exposes the source host's OS to the filter language. The goal of this work is to allow firewalling decisions to take place based not only on the source of a connection, but the operating system of that source. Powerful policy enforcement is now possible such as redirecting all older windows boxes to a web site telling them to upgrade. Or blocking all windows boxes from connecting to mail servers (damn worms). A writeup can be found here. Please help contribute to the OS fingerprint database by going to http://lcamtuf.coredump.cx/p0f-help/ and typing in your OS description if it does not recognize your OS." Sorry - my fault. It is a dupe.

1 of 52 comments (clear)

  1. MAJOR DUPE by MBCook · · Score: 1, Offtopic
    OK, this is a dupe of the LAST STORY IN THE BSD SECTION. Come on guys.

    Origonal.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.