Re: How can I erase my fingertips .
From: Jon DeShirley (jond@uidaho.edu)
Date: 03/28/02
- Next message: Bjoern Engels: "Re: How can I erase my fingertips ."
- Previous message: Alvaro Pereira: "Re: How can I erase my fingertips ."
- In reply to: Moti Levy: "How can I erase my fingertips ."
- Next in thread: Kris Kennaway: "Re: How can I erase my fingertips ."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Mar 2002 12:33:03 -0800 (PST) From: Jon DeShirley <jond@uidaho.edu> To: Moti Levy <moti@flncs.com>
On 28 Mar, Moti Levy wrote:
> I want to stop nmap from detecting my os .
If you use ipfilter, use this rule:
block in quick on xl0 proto tcp all flags FUP
Also, to be truly sure:
block in quick all with ipopts
block in quick all with short
block in quick all with frag
And in your kernel (if you've read the caveats in LINT)
options TCP_DROP_SYNFIN
These should do a reasonably good job of hiding your from NMAP scans.
Of course, these don't really hide you from passive OS fingerprinting
with tools like Siphon, but that's another matter entirely.
--jon
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Bjoern Engels: "Re: How can I erase my fingertips ."
- Previous message: Alvaro Pereira: "Re: How can I erase my fingertips ."
- In reply to: Moti Levy: "How can I erase my fingertips ."
- Next in thread: Kris Kennaway: "Re: How can I erase my fingertips ."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
