On Thu, Nov 03, 2005 at 01:48:56PM -0200, Gustavo Rios wrote:
> Right now, I am running into business. I would like my client to get
> focused into the solution only. I don't want to give him a chance to
> compare my proposal to other.
>
> that's why.

Now *there*'s a noble goal...

Anyway, you do know that there are plenty of other ways to discover this? You should at least mess with the setting until p0f doesn't identify it either. (For one, I seem to recall OpenBSD and some Cisco stuff (IOS?) being the only two more-or-less common operating systems, if you can call IOS that, to use TTL 64 - and since it's obviously not Cisco, that would nail it down quickly. I might be wrong, though - I was never much interested in preventing fingerprinting. Removing some banners is fine, but that'll be all.)

But that's the technical point. I wouldn't be very likely to trust someone who has apparently gone to the crutch of blocking nmap. (After all, if the system was secure, such crutches wouldn't be necessary, would they?)

Joachim