p0f patch

Is anybody aware of a POM for p0f? They say there is one but
I can't find
it.

Thank you,

Tim Heagarty, CISSP, CISA, MCSE
http://www.TheaSecure.com/

(928) 533-9690
"There are 10 kinds of people in the world; those that
understand binary,
and those that don't."

Here is a link, but I have not tried the patch:

http://svn.netfilter.org/cgi-bin/viewcvs.cgi/trunk/p
atch-o-matic-ng/patchlets/osf/linux-2.6/net/ipv4/netfilter/?
rev=4018

If you are looking for something that is Netfilter-specific,
psad
implements the p0f algorithm over Netfilter log messages
(requires the
--log-tcp-options argument to iptables when creating the LOG
rule):

http://www.cipherdyne
.org/psad/

--
Michael Rash
http://www.cipherdyne.org/

Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B
A742 839F



On Jan 19, 2007, Tim Heagarty wrote:

> So does anybody know of a Netfilter/Iptables patch that
supports the p0f log
> scanning utility? The link from the p0f site to
netfilter.org is broken. I'm
> suspecting that the patch was never fully released or
supported.
> 
> 
> 
> Thank you,
> 
> Tim Heagarty, CISSP, CISA, MCSE
> http://www.TheaSecure.com/

> (928) 533-9690
> "There are 10 kinds of people in the world; those
that understand binary,
> and those that don't."
> 
> 
> -----Original Message-----
> From: netfilter-bounceslists.netfilter.org
> [mailto:netfilter-bounceslists.netfilter.org]On
Behalf Of Tim Heagarty
> Sent: Wednesday, January 17, 2007 11:44 PM
> To: netfilterlists.netfilter.org
> Subject: p0f patch
> 
> 
> Is anybody aware of a POM for p0f? They say there is
one but I can't find
> it.
> 
> Thank you,
> 
> Tim Heagarty, CISSP, CISA, MCSE
> http://www.TheaSecure.com/

> (928) 533-9690
> "There are 10 kinds of people in the world; those
that understand binary,
> and those that don't."
> 
> 
>