Permalink
Browse files

Updated to the latest p0f signatures from OpenBSD

Updated to the latest p0f signatures in the pf.os file from the OpenBSD
project.
  • Loading branch information...
1 parent 4b2794f commit eb7266cd9403e6ccbeb516e2b5ce37edb3a0a786 @mrash committed Jul 27, 2011
Showing with 11 additions and 9 deletions.
  1. +11 −9 pf.os
View
20 pf.os
@@ -1,4 +1,4 @@
-# $OpenBSD: pf.os,v 1.19 2005/05/25 08:15:12 david Exp $
+# $OpenBSD: pf.os,v 1.25 2010/10/18 15:55:27 deraadt Exp $
# passive OS fingerprinting
# -------------------------
#
@@ -226,7 +226,6 @@ S3:64:1:60:M*,S,T,N,W0: Linux:2.4:.18-21:Linux 2.4.18 and newer
S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6 <= 2.6.7
S4:64:1:60:M*,S,T,N,W0: Linux:2.6:.1-7:Linux 2.4/2.6 <= 2.6.7
S4:64:1:60:M*,S,T,N,W7: Linux:2.6:8:Linux 2.6.8 and newer (?)
-S4:64:1:60:M*,S,T,N,W6: Linux:2.6:17:Linux 2.6.17 and newer (?)
S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5 (sometimes 2.4)
S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6
@@ -299,12 +298,15 @@ S22:64:1:52:M*,N,N,S,N,W0: Linux:2.2:ts:Linux 2.2 w/o timestamps
# ----------------- OpenBSD -----------------
16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6)
-16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.7::OpenBSD 3.0-3.7
-16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.7:no-df:OpenBSD 3.0-3.7 (scrub no-df)
-57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.7::OpenBSD 3.3-3.7
-57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.7:no-df:OpenBSD 3.3-3.7 (scrub no-df)
+16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.8::OpenBSD 3.0-4.8
+16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.8:no-df:OpenBSD 3.0-4.8 (scrub no-df)
+57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-4.0::OpenBSD 3.3-4.0
+57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-4.0:no-df:OpenBSD 3.3-4.0 (scrub no-df)
-65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.7:opera:OpenBSD 3.0-3.7 (Opera)
+65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.0:opera:OpenBSD 3.0-4.0 (Opera)
+
+16384:64:1:64:M*,N,N,S,N,W3,N,N,T: OpenBSD:4.9::OpenBSD 4.9
+16384:64:0:64:M*,N,N,S,N,W3,N,N,T: OpenBSD:4.9:no-df:OpenBSD 4.9 (scrub no-df)
# ----------------- Solaris -----------------
@@ -320,7 +322,7 @@ S44:255:1:44:M*: Solaris:2.7::Solaris 7
4096:64:0:44:M1460: SunOS:4.1::SunOS 4.1.x
S34:64:1:52:M*,N,W0,N,N,S: Solaris:10:beta:Solaris 10 (beta)
-32850:64:1:64:M*,N,N,T,N,W1,N,N,S: Solaris:10::Solaris 10 1203
+32850:64:1:64:M*,N,N,T,N,W1,N,N,S: Solaris:10::Solaris 10 1203
# ----------------- IRIX --------------------
@@ -362,7 +364,7 @@ S34:64:1:52:M*,N,W0,N,N,S: Solaris:10:beta:Solaris 10 (beta)
# ----------------- Windows -----------------
# Windows TCP/IP stack is a mess. For most recent XP, 2000 and
-# even 98, the pathlevel, not the actual OS version, is more
+# even 98, the patchlevel, not the actual OS version, is more
# relevant to the signature. They share the same code, so it would
# seem. Luckily for us, almost all Windows 9x boxes have an
# awkward MSS of 536, which I use to tell one from another

0 comments on commit eb7266c

Please sign in to comment.