dhcpcfp
scans the DHCP client REQUEST packet and creates a report
with the fingerprinting data found, the differences of that data with
dhcpcanon
and how to avoid to be fingerprinted through DHCP.
It can be run in the following ways:
This way it the recommended one for end users. Without any arguments, it will by default: 1. Obtain a DHCP Request packet scanning in active network interface.
It will only scan for packets generated from the same interface, therefore it can take some time unless the interface is restarted.
- It will query a database with DHCP fingerprints to try to guess device and/or operating system. TBD
- It will generate a report with the datapoints found, the guessed devices/ operating system and recommendations on DHCP clients less fingerprintable.
__ADVICE__: this is only recommended for demonstration purposes. It is strongly discouraged to run in a network without informed consent from other users of the network.
In this way dhcpcfp
will scan for DHCP packets not only generated by the
same machine where it runs, but also from the local network.
TBD
In this way dhcpcfp
do not scans the network, but obtain the DHCP packets
from a pcap
file.
TBD
Providing a DHCP fingerprint (Parameter Request List option) and/or DHCP vendor option obtained running this same program previously or TBD...