SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has.
Nmap approaches to fingerprinting as shown to be efficient for years. Nowadays, with the omni-presence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming to be obsolete.
SinFP uses the aforementioned limitations as a basis for tests to be obsolutely avoided in used frames to identify accurately the remote operating system. That is, it only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3 (with only 1 test giving the OS reliably in most cases).
SinFP 2.04 is now available, which for the first time, can now run under Windows ActivePerl.
More info here:
SinFP has now more than 130 signatures in its database.
For Windows users, follow these instructions:
This was tested with ActivePerl 220.127.116.119, with PPM v4.0.
# If you are behind a proxy:
C:\> set http_proxy=http://username:password@proxy:port
# Add gomor repository
C:\> ppm repo add gomor http://www.gomor.org/files/ppm/repo-8xx
# Disable all other repo, if you have many. Or only ActiveState repo
# by default
C:\> ppm repo 1 off
C:\> ppm install Net-SinFP
# Re-enable all other repo
C:\> ppm repo 1 on
C:\> perl C:\perl\site\bin\sinfp.pl
If you have error messages about failing to load some .dll, go to www.microsoft.com. Then, in the search field, type in vcredist_x86.exe, download it and install it.