Re: nmap os detection!

[Caleb Humberd <tych0 () blazenet net>]

Prathap,

I have been fooling around with the iptables on my Slackware Linux box, 
and when I set it to DENY inbound and forward traffic, and ACCEPT all 
outbound traffic, I could not portscan my computer. There are some 
issues with this, though. ping does not work, so you would have to 
explicitly allow echo-reply, destination-unreachable, and time-exceded 
ICMP inbound packets. Of course, if you wanted to ssh into your box, or 
run a webserver, or something of that sort, you would have to 
explicitly allow these connections as well.

I found the information on iptables in its man page, and at 
http://tldp.org/HOWTO/Security-Quickstart-HOWTO/index.html

This is what I have been able to figure out in about a week's worth of 
playing around with iptables and nmap. Someone who has a lot more 
experience with either or both is welcome to tear apart my method or 
add some constructive criticism.

CJH


On Friday, Feb 7, 2003, at 09:43 US/Eastern, Prathap R wrote:

> hello all,
>          i just used nmap to detect the os on the network. out of 
> curiosity,i want to know if there is a way of making the OS 
> undetectable. it will be of great help if anyone could point out how 
> do it?. i am using both windows and linux.
> thanks in advance.
> regards,
>        Prathap
>
>
>
> Get Your Private, Free E-mail from Indiatimes at 
> http://email.indiatimes.com
>
>  Buy the best in Movies at http://www.videos.indiatimes.com
>
> Bid for for Air Tickets @ Re.1 on Air Sahara Flights. Just log on to 
> http://airsahara.indiatimes.com and Bid Now !