Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 28 Mar 2002 17:37:17 -0500
From:      "Moti Levy" <>
To:        <>
Subject:   Re: How can I erase my fingertips .
Message-ID:  <000001c1d6a9$2eb649c0$fd6e34c6@moti>
References:  <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
thanks Bjoern Engels
Before :
No exact OS matches for host (If you know what OS is running on it, see
TCP/IP fingerprint:

After :
options         RANDOM_IP_ID
and sysctl net.inet.ip.ttl=68 instead of 64
Remote operating system guess: AIX on an IBM RS/*
Uptime 0.003 days (since Thu Mar 28 17:25:37 2002)
TCP Sequence Prediction: Class=truly random
                         Difficulty=9999999 (Good luck!)
IPID Sequence Generation: Randomized

----- Original Message -----
From: "Bjoern Engels" <>
To: <>; "Moti Levy" <>
Sent: Thursday, March 28, 2002 3:39 PM
Subject: Re: How can I erase my fingertips .

On Thursday, 28. March 2002 21:25, Alvaro Pereira wrote:

> On Thu, 28 Mar 2002, Moti Levy wrote:
> > I want to stop nmap from detecting my os .

> from /usr/src/sys/i386/conf/LINT
> #
> # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN.
> This # prevents nmap et al. from identifying the TCP/IP stack, but
> breaks support # for RFC1644 extensions and is not recommended for
> web servers. #
> options         TCP_DROP_SYNFIN         #drop TCP packets with

Additionally, add

# RANDOM_IP_ID causes the ID field in IP packets to be randomized
options         RANDOM_IP_ID

and change the default TTL.



"The number of Unix installations has grown to ten, with more expected"
                -- The Unix programmers handbook, 1972

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <$2eb649c0$fd6e34c6>