Hello, Is there a way to fingerprinting operating systems in zeek? I have done some testing using *OS_version_found* event https://docs.zeek.org/en/stable/scripts/base/bif/event.bif.bro.html#id-OS_v… and by modify this old script: https://github.com/ewust/telex/blob/master/telex-station/station/bro-1.5.1/… But without much success. I stumpled upon the (WIP) release notes from Zeek 3.1.0 and read the following: - Removed p0f (passive OS fingerprinting) support. The version of p0f shipped with zeek was ancient, probably did not give any reliable support anymore and did not offer a clear upgrade path. The ``OS_version_found`` event as well as the ``generate_OS_version_event`` configuration option were removed. So I'm assuming my apprach it will be a failure. Is there another way to get OS information? Are there some zeek scripts that offer this functionality? -- Federico Foschini. _______________________________________________ Zeek mailing list zeek(a)zeek.org http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek