Security Basics mailing list archives
Re: nmap os detection!
From: Caleb Humberd <tych0 () blazenet net>
Date: Fri, 7 Feb 2003 20:06:11 -0500
Prathap,I have been fooling around with the iptables on my Slackware Linux box, and when I set it to DENY inbound and forward traffic, and ACCEPT all outbound traffic, I could not portscan my computer. There are some issues with this, though. ping does not work, so you would have to explicitly allow echo-reply, destination-unreachable, and time-exceded ICMP inbound packets. Of course, if you wanted to ssh into your box, or run a webserver, or something of that sort, you would have to explicitly allow these connections as well.
I found the information on iptables in its man page, and at http://tldp.org/HOWTO/Security-Quickstart-HOWTO/index.html
This is what I have been able to figure out in about a week's worth of playing around with iptables and nmap. Someone who has a lot more experience with either or both is welcome to tear apart my method or add some constructive criticism.
CJH On Friday, Feb 7, 2003, at 09:43 US/Eastern, Prathap R wrote:
hello all,i just used nmap to detect the os on the network. out of curiosity,i want to know if there is a way of making the OS undetectable. it will be of great help if anyone could point out how do it?. i am using both windows and linux.thanks in advance. regards, PrathapGet Your Private, Free E-mail from Indiatimes at http://email.indiatimes.comBuy the best in Movies at http://www.videos.indiatimes.comBid for for Air Tickets @ Re.1 on Air Sahara Flights. Just log on to http://airsahara.indiatimes.com and Bid Now !
Current thread:
- nmap os detection! Prathap R (Feb 07)
- Re: nmap os detection! Brad Arlt (Feb 07)
- RE: nmap os detection! Ethan (Feb 07)
- Re: nmap os detection! Leo Security (Feb 10)
- Re: nmap os detection! flur (Feb 07)
- Re: nmap os detection! Caleb Humberd (Feb 10)
- <Possible follow-ups>
- nmap os detection! tburns (Feb 07)