Well, it has been a pretty slow weekend at the ol' Storm Center. As someone who is always on the lookout for new and interesting tools, I did see an announcement of a tool that I am unfamiliar with, but plan to check out because it looks kind of interesting. It is called sinFP. It is an OS fingerprinting tool in Perl and version 2.03 was released early next week. The papers about it are in French (which I don't read), but the web page claims that it overcomes some limitations in nmap's OS fingerprinting. It also claims to be able to do OS fingerprinting of IPv6 traffic. If any of our readers have any experience with the tool, I'd like to hear from you. Also, if you know of any other interesting tools, please drop us a note at the contact page.
Jim Clausing, jclausing --at-- isc dot sans dot org
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - Live Online
Nov 6th 2006
1 decade ago