Re: How can I erase my fingertips .
From: Bjoern Engels (bjoern.engels@mail.isis.de)
Date: 03/28/02
- Next message: kerberus: "Re: pf OR ipf ?"
- Previous message: Jon DeShirley: "Re: How can I erase my fingertips ."
- In reply to: Alvaro Pereira: "Re: How can I erase my fingertips ."
- Next in thread: Moti Levy: "Re: How can I erase my fingertips ."
- Reply: Moti Levy: "Re: How can I erase my fingertips ."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Bjoern Engels <bjoern.engels@mail.isis.de> To: freebsd-security@freebsd.org, Moti Levy <moti@flncs.com> Date: Thu, 28 Mar 2002 21:39:51 +0100
On Thursday, 28. March 2002 21:25, Alvaro Pereira wrote:
> On Thu, 28 Mar 2002, Moti Levy wrote:
> > I want to stop nmap from detecting my os .
> from /usr/src/sys/i386/conf/LINT
>
> #
> # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN.
> This # prevents nmap et al. from identifying the TCP/IP stack, but
> breaks support # for RFC1644 extensions and is not recommended for
> web servers. #
> options TCP_DROP_SYNFIN #drop TCP packets with
> SYN+FIN
>
Additionally, add
# RANDOM_IP_ID causes the ID field in IP packets to be randomized
options RANDOM_IP_ID
and change the default TTL.
Bjoern
--
"The number of Unix installations has grown to ten, with more expected"
-- The Unix programmers handbook, 1972
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: kerberus: "Re: pf OR ipf ?"
- Previous message: Jon DeShirley: "Re: How can I erase my fingertips ."
- In reply to: Alvaro Pereira: "Re: How can I erase my fingertips ."
- Next in thread: Moti Levy: "Re: How can I erase my fingertips ."
- Reply: Moti Levy: "Re: How can I erase my fingertips ."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
