Skip to main content

Passive Fingerprinters

Passive OS/Vulnerability Fingerprinting Applications

 These products are designed to guestimate remote operating systems, their patch level, services and sometimes even vulnerabilities.  Passive fingerprinting tools analyse communications to and from a remote host whilst it goes about it's normal business. Some Network IDS now have this capability and are referred to as Target IDS where the fingerprinting information is used to prioritise IDS alerts based upon the targets potential vulnerability to the detected attack.


See also Active fingerprinting tools

Alberto Ornaghi, Marco Valleri

Passive scanning of the LAN: you can retrieve info about: hosts in the lan, open ports, services version, type of the host (gateway, router or simple host) and estimated distance in hops.

Tenable Network Security Inc

The Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. Each PVS monitors your network for vulnerable systems, watches for potential application compromises, client and server trust rela ...


Michal Zalewski (

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 ...