Date: Thu, 28 Mar 2002 21:39:51 +0100 From: Bjoern Engels <bjoern.engels@mail.isis.de> To: freebsd-security@freebsd.org, Moti Levy <moti@flncs.com> Subject: Re: How can I erase my fingertips . Message-ID: <E16qggb-000Ndz-00@pumaman.dyndns.org> In-Reply-To: <20020328172259.C73793-100000@cianet.cianet.ind.br> References: <20020328172259.C73793-100000@cianet.cianet.ind.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday, 28. March 2002 21:25, Alvaro Pereira wrote: > On Thu, 28 Mar 2002, Moti Levy wrote: > > I want to stop nmap from detecting my os . > from /usr/src/sys/i386/conf/LINT > > # > # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. > This # prevents nmap et al. from identifying the TCP/IP stack, but > breaks support # for RFC1644 extensions and is not recommended for > web servers. # > options TCP_DROP_SYNFIN #drop TCP packets with > SYN+FIN > Additionally, add # RANDOM_IP_ID causes the ID field in IP packets to be randomized options RANDOM_IP_ID and change the default TTL. Bjoern --=20 "The number of Unix installations has grown to ten, with more expected" -- The Unix programmers handbook, 1972 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E16qggb-000Ndz-00>