Re: Defeating NMAP scans

From: chris-usenet@xxxxxxxxxxxx
Date: Wed, 25 Jan 2006 09:40:34 +0000

Sunny <sun4udee@xxxxxxxxx> wrote:
> Is there any way to distinguish the probe packets
> sent by NMAP and the normal communication packets..??? Also can we
> modify the responses to the nmap probes so that it could not recognise
> the remote OS and the services???

A quick google (keywords "nmap fingerprint fake result")
could have picked out the answers to these questions. See
http://www.attackprevention.com/article/430 for just some options.

Chris
.

References:
- Defeating NMAP scans
  - From: Sunny

Prev by Date: Re: Urgently ! need help about iptable and internet gateway/firewall
Next by Date: Re: Urgently ! need help about iptable and internet gateway/firewall
Previous by thread: Re: Defeating NMAP scans
Next by thread: Urgently ! need help about iptable and internet gateway/firewall
Index(es):
- Date
- Thread

Relevant Pages

Re: Defeating NMAP scans
... > sent by NMAP and the normal communication packets..??? ... > modify the responses to the nmap probes so that it could not recognise ... > machine by sending some packets in specfic order. ... As Rick said, just let port scans remain possible. ...
(comp.os.linux.security)
Defeating NMAP scans
... sent by NMAP and the normal communication packets..??? ... modify the responses to the nmap probes so that it could not recognise ... the remote OS and the services??? ... machine by sending some packets in specfic order. ...
(comp.os.linux.security)
Re: microsoft security baseline analyzer (MSBA) equivalent
... >post the responses.) ... Doesn't nmap cover all that? ... donnie. ...
(alt.computer.security)