blob: a6314b93992abc4f72ae12f16826e3cfb411554a (
plain) (
blame)
1
2
3
4
5
6
7
|
The tool is a simple flow-analyzing passive L7 fingerprinter. It
examines the sequence of client-server exchanges, their relative
layer 7 payload sizes, and transmission intervals (as opposed to
inspecting the contents, which is what most passive fingerprinters
and "smart" sniffers would do to analyze transmissions). This is
then matched against a database of traffic pattern signatures to
infer some interesting facts about the traffic.
|
