Re: How can I erase my fingertips .

From: Jon DeShirley (jond@uidaho.edu)
Date: 03/28/02


Date: Thu, 28 Mar 2002 12:33:03 -0800 (PST)
From: Jon DeShirley <jond@uidaho.edu>
To: Moti Levy <moti@flncs.com>

On 28 Mar, Moti Levy wrote:
> I want to stop nmap from detecting my os .

If you use ipfilter, use this rule:

block in quick on xl0 proto tcp all flags FUP

Also, to be truly sure:

block in quick all with ipopts
block in quick all with short
block in quick all with frag

And in your kernel (if you've read the caveats in LINT)

options TCP_DROP_SYNFIN

These should do a reasonably good job of hiding your from NMAP scans.
Of course, these don't really hide you from passive OS fingerprinting
with tools like Siphon, but that's another matter entirely.

--jon

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: How can I erase my fingertips .
    ... March 2002 21:25, Alvaro Pereira wrote: ... >> I want to stop nmap from detecting my os. ... -- The Unix programmers handbook, ...
    (FreeBSD-Security)
  • Re: How can I erase my fingertips .
    ... > I want to stop nmap from detecting my os. ... You might be able to fool nmap, ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)