It was a big breakthrough to have a passive OS-fingerprinting tool after relying on Nmap and Xprobe2 for the longest time.
OS fingerprinting is a very important part of a pen-test during the information gathering stage.
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
*machines that connect to your box (SYN mode),
*machines you connect to (SYN+ACK mode),
*machine you cannot connect to (RST+ mode),
*machines whose communications you can observe.
P0f can also do many other tricks, and can detect or measure the following:
*firewall presence, NAT use (useful for policy enforcement),
*existence of a load balancer setup,
*the distance to the remote system and its uptime,
*other guy’s network hookup (DSL, OC3, avian carriers) and his ISP.
Donwload p0f v2 :