Thus spake Dominic Marks ([EMAIL PROTECTED]) [19/04/05 07:18]:
: On Tuesday 19 April 2005 12:11, pck wrote:
: > Hi,
: >
: > How can i hide from nmap that my OS is FreeBSD? Is this possible?
:
: # sysctl -ad | grep random_id
: net.inet.ip.random_id: Assign random ip_id values
: # echo 'net.inet.ip.random_id=1' >> /etc/sysctl.conf
That doesn't hide the OS. That just makes the IP ID field random.
One way to help:
echo "net.inet.tcp.drop_synfin=1' >> /etc/sysctl.conf
(Note that you need the "options TCP_DROP SYNFIN" line in your kernel
config.)
Other than that... randomize the packet fingerprint data. I know there's
been at least one daemon that did this on Linux, as well as a kernel patch
that did the same. But I'd ask: why? You're doing a significant amount of
work for very little in return.
- Damian
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
