Date: Tue, 19 Apr 2005 14:53:53 -0400
From: Damian Gerow <dgerow@afflictions.org>
To: freebsd-stable@freebsd.org
Subject: Re: FreeBSD and NMAP
Message-ID: <20050419185353.GB770@afflictions.org>
In-Reply-To: <200504191216.24362.dom@helenmarks.co.uk>
References: <f0f70e5e0504190411241c2433@mail.gmail.com> <200504191216.24362.dom@helenmarks.co.uk>

Thus spake Dominic Marks (dom@helenmarks.co.uk) [19/04/05 07:18]:
: On Tuesday 19 April 2005 12:11, pck wrote:
: > Hi,
: >
: > How can I hide from nmap that my OS is FreeBSD? Is this possible?
:
: # sysctl -ad | grep random_id
: net.inet.ip.random_id: Assign random ip_id values
: # echo 'net.inet.ip.random_id=1' >> /etc/sysctl.conf

That doesn't hide the OS. That just makes the IP ID field random.

One way to help:

    echo 'net.inet.tcp.drop_synfin=1' >> /etc/sysctl.conf

(Note that you need the "options TCP_DROP_SYNFIN" line in your kernel config.)

Other than that... randomize the packet fingerprint data. I know there's been at least one daemon that did this on Linux, as well as a kernel patch that did the same.

But I'd ask: why? You're doing a significant amount of work for very little in return.

  - Damian
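
An added example, not part of the original message: a small sh audit that checks whether the two settings mentioned in this thread are persisted in a sysctl.conf-style file, and whether the kernel config carries the option that drop_synfin depends on. The function names and the file paths passed in are assumptions, and the demo files are constructed.

```shell
#!/bin/sh
# Added example: audit the persistent settings discussed in this thread.
# File paths are arguments so the check can run against copies.

# Print the last value assigned to a key in a sysctl.conf-style file
# (later lines win; comments and whitespace are ignored).
conf_value() {
    awk -F= -v key="$2" '
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }
        $1 == key { val = $2; found = 1 }
        END { if (found) print val }' "$1"
}

# Succeed if the kernel config has an uncommented "options <NAME>" line.
kernel_has_option() {
    awk -v opt="$2" '
        { sub(/#.*/, "") }
        $1 == "options" && $2 == opt { found = 1 }
        END { exit !found }' "$1"
}

# Report on both knobs; return non-zero if anything is missing.
audit() {
    conf=$1 kern=$2 rc=0
    [ "$(conf_value "$conf" net.inet.ip.random_id)" = 1 ] ||
        { echo "random_id not enabled in $conf"; rc=1; }
    if [ "$(conf_value "$conf" net.inet.tcp.drop_synfin)" = 1 ]; then
        kernel_has_option "$kern" TCP_DROP_SYNFIN ||
            { echo "drop_synfin set, but kernel lacks options TCP_DROP_SYNFIN"; rc=1; }
    else
        echo "drop_synfin not enabled in $conf"; rc=1
    fi
    return $rc
}

# Dry run on constructed files (not taken from a real host): the sysctl
# lines are present but the kernel option is commented out, so this fails.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'net.inet.ip.random_id=1' 'net.inet.tcp.drop_synfin=1' > "$d/sysctl.conf"
    printf '%s\n' 'options INET' '#options TCP_DROP_SYNFIN' > "$d/KERNEL"
    audit "$d/sysctl.conf" "$d/KERNEL"; rc=$?
    rm -rf "$d"; return $rc
}

# With two arguments (sysctl.conf path, kernel config path), audit them.
if [ $# -eq 2 ]; then audit "$1" "$2"; fi
```

As the message says, these settings only change a couple of fingerprint inputs; a clean audit result does not mean the OS is hidden.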