Directory
Passive Fingerprinters
These products are designed to guestimate remote operating systems, their patch level, services and sometimes even vulnerabilities. Passive fingerprinting tools analyse communications to and from a remote host whilst it goes about it's normal business. Some Network IDS now have this capability and are referred to as Target IDS where the fingerprinting information is used to prioritise IDS alerts based upon the targets potential vulnerability to the detected attack. See also Active fingerprinting tools
SinFP
Visit the Product SiteSinFP is able to fingerprint over IPv4, and over IPv6. It can do active fingerprinting, and passive fingerprinting. Online and offline modes are supported. One thing to note, passive OS fingerprinting is made to match against active fingerprinting signatu ...
P0f
Visit the Product SiteP0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the system on machines that connect to your box, machines you connect to, and even machines that merely go thru or near your box. All this even if the device is behind a fascist packet ...
Ettercap
Visit the Product SitePassive scanning of the LAN: you can retrieve info about: hosts in the lan, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hops.
ARCHAEOPTERYX
Visit the Product SiteArchaeopteryx is a Passive mode OS Identification Tool. It is based off Siphon v.666 by SubTerrain. It has a great GUI and a highly configurable OS signature file. It uses POSIX threads for multi-threading (pthreads for Win32). Also requires WinPCAP Drive ...
RNA
Visit the Product SiteSourcefire Real-time Network Awareness? (RNA) enables organizations to more confidently protect their networks through a unique patent pending combination of passive network discovery, behavioral profiling, and integrated vulnerability analysis to deliver ...
pfprintd
Visit the Product Sitepfprintd is a passive OS fingerprinting system. A daemon process pfprintf utilizes libpcap to sniff packets off the wire. By looking at the headers the program can (in some cases) determine which operating system is running on the remote machine. A client ...
Tenable Passive Vulnerability Scanner
Visit the Product SiteThe Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. Each PVS monitors your network for vulnerable systems, watches for potential application compromises, client and server trust rela ...
Disco
Visit the Product SiteDisco is a passive IP discovery and fingerprinting utility designed to sit on segments distributed throughout a network to discover unique IP's on the network. In addition to IP discovery disco has the ability to passively fingerprint TCP SYN packets and ...
Satori
Visit the Product SiteSatori uses Winpcap and captures packets passively at the NDIS level, every packet flying by is scrutinised for information that might determine it's OS. It currently uses and parses the following protocols: CDP, DHCP, EIGRP, HPSP, HTTP, ICMP, IGMP ...