The Siphon Project is a portable passive network mapping suite. In the latest public version, Siphon passively maps TCP ports and performs passive operating system detection. Through the magic of RFC ambiguity and programmer uniqueness, different machines exhibit telltale characteristics that enable Siphon to make a fairly accurate guess at what operating system is running on machines sending packets out over the wire. The beauty of this method is that our tool does not need to send out a slew of non-RFC compliant packets that trip intrusion detection systems. In fact, we send out no packets at all. Whereas nmap crashes some machines and network hardware when performing its active OS detection tests, Siphon would never crash remote machines. Siphon is available for UNIX and Win32.
No homepage
None
None
None