new package, #22181

1 files changed, 26 insertions, 0 deletions

diff --git a/net-analyzer/siphon/metadata.xml b/net-analyzer/siphon/metadata.xml
new file mode 100644
index 000000000000..849b36e70aeb
--- /dev/null
+++ b/net-analyzer/siphon/metadata.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>noherd</herd>
+<maintainer>
+    <email>port001@gentoo.org</email>
+    <name>Ian Leitch</name>
+</maintainer>
+<longdescription>
+The Siphon Project is a portable passive network mapping suite.
+In the latest public version, Siphon passively maps TCP ports
+and performs passive operating system detection.
+Through the magic of RFC ambiguity and programmer uniqueness, different
+machines exhibit telltale characteristics that enable Siphon to make a fairly
+accurate guess at what operating system is running on machines sending packets
+out over the wire. The beauty of this method is that our tool does not need
+to send out a slew of non-RFC compliant packets that trip intrusion detection
+systems. In fact, we send out no packets at all. Whereas nmap crashes some
+machines and network hardware when performing its active OS detection tests,
+Siphon would never crash remote machines. This tool could be used on active
+production networks to detect that a Linux machine suddenly appeared in your
+all Sun shop. As a side note, if used in conjunction with firewalling arp on
+the machine you run Siphon from, it will be difficult to detect.
+Siphon is available for UNIX and Win32. 
+</longdescription>
+</pkgmetadata>