Re: How can I erase my fingertips .

From: Bjoern Engels (bjoern.engels@mail.isis.de)
Date: 03/28/02


From: Bjoern Engels <bjoern.engels@mail.isis.de>
To: freebsd-security@freebsd.org, Moti Levy <moti@flncs.com>
Date: Thu, 28 Mar 2002 21:39:51 +0100

On Thursday, 28. March 2002 21:25, Alvaro Pereira wrote:

> On Thu, 28 Mar 2002, Moti Levy wrote:
> > I want to stop nmap from detecting my os .

> from /usr/src/sys/i386/conf/LINT
>
> #
> # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN.
> This # prevents nmap et al. from identifying the TCP/IP stack, but
> breaks support # for RFC1644 extensions and is not recommended for
> web servers. #
> options TCP_DROP_SYNFIN #drop TCP packets with
> SYN+FIN
>

Additionally, add

# RANDOM_IP_ID causes the ID field in IP packets to be randomized
options RANDOM_IP_ID

and change the default TTL.

Bjoern

-- 
"The number of Unix installations has grown to ten, with more expected"
                -- The Unix programmers handbook, 1972
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: How can I erase my fingertips .
    ... On 28 Mar, Moti Levy wrote: ... > I want to stop nmap from detecting my os. ... If you use ipfilter, use this rule: ... These should do a reasonably good job of hiding your from NMAP scans. ...
    (FreeBSD-Security)
  • Re: How can I erase my fingertips .
    ... > I want to stop nmap from detecting my os. ... You might be able to fool nmap, ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)