Re: Defeating NMAP scans



Sunny <sun4udee@xxxxxxxxx> wrote:
> Is there any way to distinguish the probe packets
> sent by NMAP and the normal communication packets..??? Also can we
> modify the responses to the nmap probes so that it could not recognise
> the remote OS and the services???

A quick google (keywords "nmap fingerprint fake result")
could have picked out the answers to these questions. See
http://www.attackprevention.com/article/430 for just some options.

Chris
.



Relevant Pages

  • Re: Defeating NMAP scans
    ... > sent by NMAP and the normal communication packets..??? ... > modify the responses to the nmap probes so that it could not recognise ... > machine by sending some packets in specfic order. ... As Rick said, just let port scans remain possible. ...
    (comp.os.linux.security)
  • Defeating NMAP scans
    ... sent by NMAP and the normal communication packets..??? ... modify the responses to the nmap probes so that it could not recognise ... the remote OS and the services??? ... machine by sending some packets in specfic order. ...
    (comp.os.linux.security)
  • Re: microsoft security baseline analyzer (MSBA) equivalent
    ... >post the responses.) ... Doesn't nmap cover all that? ... donnie. ...
    (alt.computer.security)