[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Real-world scenario for passive OS fingerprinting

Squigly wrote:
> I've been using openbsd for quite some time, nothing fancy.  I've done
> some reading about passive OS fingerprinting, and played abit with
> p0f.
> [...]
> My question is, does anyone has a real-world scenario in which this
> feature might come handy?

My favorite so far has come from Randal.  See


It doesn't block access to Windows machines, but it does ensure that
worms will never unnecessarily suck your bandwidth.

CYA is a perfectly valid reason to fingerprint (and even drop)
a connecting machine.

Tim Hammerquist