Date: Mon, 8 Jul 2002 07:45:50 -0700 (PDT) From: Don Lewis <dl-freebsd@catspoiler.org> To: rgbrenner@myrealbox.com Cc: laurence@fluxinc.com, freebsd-security@FreeBSD.ORG Subject: Re: hiding OS name Message-ID: <200207081445.g68Ejowr000591@gw.catspoiler.org> In-Reply-To: <200207080834.53431.rgbrenner@myrealbox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8 Jul, Ramsey G. Brenner wrote: > From /sys/i386/conf/LINT > # > # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This > # prevents nmap et al. from identifying the TCP/IP stack, but breaks support > # for RFC1644 extensions and is not recommended for web servers. Only until someone enhances nmap to detect this signature and identify the host as running FreeBSD with the TCP_DROP_SYNFIN option enabled. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207081445.g68Ejowr000591>