Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 28 Mar 2002 17:37:17 -0500
From:      "Moti Levy" <moti@flncs.com>
To:        <freebsd-security@freebsd.org>
Subject:   Re: How can I erase my fingertips .
Message-ID:  <000001c1d6a9$2eb649c0$fd6e34c6@moti>
References:  <20020328172259.C73793-100000@cianet.cianet.ind.br> <E16qggb-000Ndz-00@pumaman.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Cooooool
thanks Bjoern Engels
Before :
No exact OS matches for host (If you know what OS is running on it, see
http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=2.54BETA31%P=i386-portbld-freebsd4.5%D=3/28%Time=3CA38B56%O=22%C=1)
TSeq(Class=TR%IPID=I%TS=100HZ)

After :
options         RANDOM_IP_ID
and sysctl net.inet.ip.ttl=68 instead of 64
Remote operating system guess: AIX 4.3.2.0-4.3.3.0 on an IBM RS/*
Uptime 0.003 days (since Thu Mar 28 17:25:37 2002)
TCP Sequence Prediction: Class=truly random
                         Difficulty=9999999 (Good luck!)
IPID Sequence Generation: Randomized

----- Original Message -----
From: "Bjoern Engels" <bjoern.engels@mail.isis.de>
To: <freebsd-security@freebsd.org>; "Moti Levy" <moti@flncs.com>
Sent: Thursday, March 28, 2002 3:39 PM
Subject: Re: How can I erase my fingertips .


On Thursday, 28. March 2002 21:25, Alvaro Pereira wrote:

> On Thu, 28 Mar 2002, Moti Levy wrote:
> > I want to stop nmap from detecting my os .

> from /usr/src/sys/i386/conf/LINT
>
> #
> # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN.
> This # prevents nmap et al. from identifying the TCP/IP stack, but
> breaks support # for RFC1644 extensions and is not recommended for
> web servers. #
> options         TCP_DROP_SYNFIN         #drop TCP packets with
> SYN+FIN
>

Additionally, add

# RANDOM_IP_ID causes the ID field in IP packets to be randomized
options         RANDOM_IP_ID

and change the default TTL.

Bjoern

--

"The number of Unix installations has grown to ten, with more expected"
                -- The Unix programmers handbook, 1972




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000001c1d6a9$2eb649c0$fd6e34c6>