fl0p - passive L7 flow fingerprinting tool Date: Monday, December 04 @ 18:46:02 MST Topic: LINUX/UNIX/*NIX Related "fl0p is a simple flow-analyzing passive L7 fingerprinter. It examines the sequence of client-server exchanges, their relative layer 7 payload sizes, and transmission intervals (as opposed to inspecting the contents, which is what most passive fingerprinters and "smart" sniffers would do to analyze transmissions). This is then matched against a database of traffic pattern signatures to infer some interesting facts about the traffic." Download: Here This article comes from KnowledgeCave - Network Security News http://www.knowledgecave.com/ The URL for this story is: http://www.knowledgecave.com//modules.php?name=News&file=article&sid=422