Date: Sat, 14 Jul 2012 13:14:29 GMT
From: Denis Pokataev <catone@cpan.org>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: fbsd-ports@opsec.eu
Subject: ports/169855: [NEW PORT] net-mgmt/p0f2: Passive OS fingerprinting tool
Message-ID: <201207141314.q6EDET9Q097670@cctld.dev.vega.ru>
Resent-Message-ID: <201207141320.q6EDK1R5002965@freefall.freebsd.org>

>Number:         169855
>Category:       ports
>Synopsis:       [NEW PORT] net-mgmt/p0f2: Passive OS fingerprinting tool
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jul 14 13:20:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Denis Pokataev
>Release:        FreeBSD 8.3-STABLE-20120501 amd64
>Organization:
>Environment:
System: FreeBSD hostname 8.3-STABLE-20120501 FreeBSD 8.3-STABLE-20120501 #0: Tue May 1 00:27:34 UTC
>Description:
The current port net-mgmt/p0f has been switched to version 3 of p0f, but it
still has too small a fingerprint database.

p0f version 2 gives better results than 3, especially when used with updated
databases like https://tools.netsa.cert.org/confluence/display/tt/p0f+fingerprints

We are using version 2, and I'm pretty sure that we are not the only ones.
So, I'm sure that until p0f3 becomes comparable with p0f2, it is better to
have both in the ports collection.

Thanks in advance.

Diff with last p0f-2* port:
change PORTNAME to p0f2
bump PORTREVISION
add CONFLICTS
add pkg-plist

Generated with FreeBSD Port Tools 0.99_6 (mode: new)
>How-To-Repeat:
>Fix:

--- .shar begins here ---
# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	p0f2
#	p0f2/pkg-descr
#	p0f2/distinfo
#	p0f2/Makefile
#	p0f2/pkg-plist
#
echo c - p0f2
mkdir -p p0f2 > /dev/null 2>&1
echo x - p0f2/pkg-descr
sed 's/^X//' >p0f2/pkg-descr << '9829b75b2004521ef105a6b96b978ed6'
Xfrom the README:
X
XPassive OS fingerprinting is based on information coming from a remote host
Xwhen it establishes a connection to our system. Captured packets contain
Xenough information to identify the operating system. In contrast to active
Xscanners such as nmap and QueSO, p0f does not send anything to the host being
Xidentified.
X
XFor more information, read Spitzner's text at:
Xhttp://www.enteract.com/~lspitz/finger.html .
X
Xfrom the maintainer:
X
XUse of this program requires read access to the packet filtering
Xdevice, typically /dev/bpf0. Granting such access allows the users
Xwho have it to put your Ethernet device into promiscuous mode and
Xsniff your network. See
Xhttp://www.infoworld.com/articles/op/xml/00/05/29/000529opswatch.xml
Xif you do not understand how this can be harmful. Running p0f with
Xno options will cause it to analyse packets intended for other
Xhosts.
X
XWWW: http://lcamtuf.coredump.cx/p0f.shtml
9829b75b2004521ef105a6b96b978ed6
echo x - p0f2/distinfo
sed 's/^X//' >p0f2/distinfo << '71da233fe2ef0a77bf9f200758e84b11'
XSHA256 (p0f-2.0.8.tgz) = 6c4d8745f04e59f2ba68d56fd1554551592f08a0497c9fc21b84498f47d1aee0
XSIZE (p0f-2.0.8.tgz) = 136877
71da233fe2ef0a77bf9f200758e84b11
echo x - p0f2/Makefile
sed 's/^X//' >p0f2/Makefile << '24f3ce91f8561bd64518b00d6e5d7ca3'
X# New ports collection makefile for:    p0f
X# Date created:         2000-06-12
X# Whom:                 Trevor Johnson
X#
X# $FreeBSD$
X#
X
XPORTNAME=	p0f2
XPORTVERSION=	2.0.8
XPORTREVISION=	2
XCATEGORIES=	net-mgmt security
XMASTER_SITES=	http://lcamtuf.coredump.cx/p0f/ \
X		http://farrokhi.net/distfiles/
XDISTNAME=	p0f-${DISTVERSION}
XEXTRACT_SUFX=	.tgz
X
XMAINTAINER=	ports@FreeBSD.org
XCOMMENT=	Passive OS fingerprinting tool
X
XCONFLICTS=	p0f-3.*
X
XUSE_GMAKE=	yes
XALL_TARGET=	all p0fq tools
XPORTDOCS=	COPYING CREDITS ChangeLog KNOWN_BUGS README TODO win-memleak.txt
XMAN1=		p0f.1
XWRKSRC=		${WRKDIR}/p0f
X
Xpost-patch:
X.for f in config.h doc/README
X	@${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/${f}
X.endfor
X
Xdo-install:
X.for ii in p0f test/p0fq test/sendack test/sendack2 test/sendsyn
X	${INSTALL_PROGRAM} ${WRKSRC}/${ii} ${PREFIX}/bin
X.endfor
X	${INSTALL_SCRIPT} ${WRKSRC}/p0frep ${PREFIX}/bin
X	${MKDIR} ${PREFIX}/etc/p0f
X.for ii in . a. o. r.
X	${INSTALL_DATA} ${WRKSRC}/p0f${ii}fp ${PREFIX}/etc/p0f
X.endfor
X	${INSTALL_MAN} ${WRKSRC}/${MAN1} ${MANPREFIX}/man/man1
X
X.if !defined(NOPORTDOCS)
X	${MKDIR} ${DOCSDIR}
X.for ii in ${PORTDOCS}
X	${INSTALL_DATA} ${WRKSRC}/docs/${ii} ${DOCSDIR}
X.endfor
X.endif
X
X.include <bsd.port.mk>
24f3ce91f8561bd64518b00d6e5d7ca3
echo x - p0f2/pkg-plist
sed 's/^X//' >p0f2/pkg-plist << 'a08217460a9b124deed32981d415a00b'
Xbin/p0f
Xbin/p0fq
Xbin/p0frep
Xbin/sendack
Xbin/sendack2
Xbin/sendsyn
Xetc/p0f/p0f.fp
Xetc/p0f/p0fa.fp
Xetc/p0f/p0fo.fp
Xetc/p0f/p0fr.fp
X@dirrmtry etc/p0f
a08217460a9b124deed32981d415a00b
exit
--- .shar ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:
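
Added example, not part of the submission above and not p0f's own code: the pkg-descr says a captured connection packet carries enough information to identify the sender's OS, and this sketch shows which fields of one SYN make up the first five columns of a p0f 2 style signature (window:initial TTL:DF:packet size:option order). Assumptions: the sample packet is constructed, the TTL guess is a simple round-up, the window is reported as a literal value, and the quirks column is not evaluated.

```python
import struct

# Constructed sample (not captured traffic): SYN 192.0.2.10 -> 198.51.100.20, TTL 57.
SAMPLE_SYN = bytes.fromhex(
    "4500003c1c46400039060000c000020ac6336414"   # IPv4 header, DF set
    "c35000501234567800000000a00216d000000000"   # TCP header, SYN, window 5840
    "020405b40402080a000f42400000000001030307")  # MSS, SACK-ok, TS, NOP, WScale

def option_layout(opts):
    """Render TCP options in order, p0f 2 style: M<mss>, N, W<scale>, S, T, E."""
    out, i = [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                      # end of option list
            return ",".join(out + ["E"])
        if kind == 1:                      # NOP padding
            out.append("N")
            i += 1
            continue
        if i + 1 >= len(opts) or not 2 <= opts[i + 1] <= len(opts) - i:
            raise ValueError("malformed TCP option")
        length, body = opts[i + 1], opts[i + 2:i + opts[i + 1]]
        if kind == 2 and length == 4:
            out.append("M%d" % struct.unpack("!H", body))
        elif kind == 3 and length == 3:
            out.append("W%d" % body[0])
        elif kind == 4 and length == 2:
            out.append("S")
        elif kind == 8 and length == 10:   # T0 means a zero timestamp value
            out.append("T" if any(body[:4]) else "T0")
        else:
            out.append("?%d" % kind)
        i += length
    return ",".join(out) or "."

def syn_signature(pkt):
    """Return window:initial TTL:DF:packet size:options for an IPv4 SYN."""
    if len(pkt) < 40 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    total_len, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    tcp = pkt[(pkt[0] & 0x0F) * 4:total_len]
    if len(tcp) < 20 or tcp[13] & 0x12 != 0x02:
        raise ValueError("not an initial SYN")
    doff = (tcp[12] >> 4) * 4
    if not 20 <= doff <= len(tcp):
        raise ValueError("bad TCP data offset")
    ttl0 = next(t for t in (32, 64, 128, 255) if pkt[8] <= t)  # simplified guess
    window = struct.unpack("!H", tcp[14:16])[0]
    return f"{window}:{ttl0}:{frag >> 14 & 1}:{total_len}:{option_layout(tcp[20:doff])}"
```

For the constructed packet, syn_signature(SAMPLE_SYN) yields 5840:64:1:60:M1460,S,T,N,W7; every field comes from headers the remote host sent on its own, which is why nothing has to be transmitted to the host being identified.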