author David Spencer <baildon.research@googlemail.com> 2012-06-02 19:52:09 -0400
committer Erik Hanson <erik@slackbuilds.org> 2012-06-03 15:21:14 -0500
commit a54303fdafdfc7a4f1b8d986788d7ba318cf5d17
tree 3137f0734c0390e732ab70e9ce895961a0a6f1e8 /network/p0f/README
parent f6dd191c0b4ff1fc715f2746c2b3f5d853e55972
network/p0f: Updated for version 3.05b.
Signed-off-by: dsomero <xgizzmo@slackbuilds.org>
Diffstat (limited to 'network/p0f/README')
-rw-r--r-- network/p0f/README 25
1 files changed, 14 insertions, 11 deletions
diff --git a/network/p0f/README b/network/p0f/README
index 4f31089bf4..6d725b92cf 100644
--- a/network/p0f/README
+++ b/network/p0f/README
@@ -1,12 +1,15 @@
-p0f v2 is a passive operating system fingerprinting tool.
-It can identify the OS on:
- - machines that connect to your box (SYN mode),
- - machines you connect to (SYN+ACK mode),
- - machines you cannot connect to (RST+ mode),
- - machines whose communications you can observe.
+P0f is a tool that utilizes an array of sophisticated, purely passive
+traffic fingerprinting mechanisms to identify the players behind any
+incidental TCP/IP communications (often as little as a single normal SYN)
+without interfering in any way. Version 3 is a complete rewrite of the
+original codebase, incorporating a significant number of improvements
+to network-level fingerprinting, and introducing the ability to reason
+about application-level payloads (e.g., HTTP).
-P0f can also detect or measure the following:
- - firewall presence, NAT use,
- - existence of a load balancer setup,
- - the distance to the remote system and its uptime,
- - other guy's network hookup (DSL, OC3, avian carriers) and his ISP.
+To build and install the optional signature and API tools, specify
+TOOLS=yes to the SlackBuild, for example
+
+ TOOLS=yes sh p0f.SlackBuild
+
+If you are upgrading from p0f version 2.0.8, please note that the files
+/etc/p0f/p0f{a,o,r}.fp are no longer used and can be removed.
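Review bot: The upgrade note in the last two added lines says /etc/p0f/p0f{a,o,r}.fp "can be removed" without naming the signature file that version 3 reads in their place, and without telling users who edited those files locally whether their changes carry over. Since the new text calls version 3 "a complete rewrite", one sentence naming the replacement file and advising a backup of locally modified signatures before deletion would make the upgrade step safe to follow. The TOOLS=yes paragraph also leaves the "optional signature and API tools" unnamed; listing the installed binaries would let an administrator decide whether they belong on a monitoring host. Finally, the removed lists of what p0f identifies (SYN, SYN+ACK and RST+ modes; NAT, firewall and load balancer detection) have no counterpart in the new text, so consider a short line on what version 3 reports.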