Security Basics mailing list archives

Re: Re: Re: Faking OS fingerprinting in Windows

From: "Phil Cryer" <phil () cryer us>
Date: Thu, 16 Jun 2005 12:33:38 -0500

From: shaver () cfl rr com
To: security-basics () securityfocus com
Date: 16 Jun 2005 05:12:31 -0000
Subject: Re: Re: Faking OS fingerprinting in Windows

try the paper "Defeating TCP/IP Stack Fingerprinting" located at 
http://www.usenix.org/publications/library/proceedings/sec2000/full_papers/smart/smart_html/index.html


Using OpenBSD as a firewall helps me, by default, PF (packetfilter) blocks packets with IP options set. This can make 
the job more difficult for "OS fingerprinting" utilities like nmap.  I haven't tested this, so I'm unsure of how good 
of a job it does, but it's something.

P


"You teach best what you most need to learn." - Richard Bach

Current thread:

Faking OS fingerprinting in Windows Christian Wendell Gueco (Jun 13)
- RE: Faking OS fingerprinting in Windows Burton Strauss (Jun 15)
- Re: Faking OS fingerprinting in Windows Information Services (Jun 15)
- <Possible follow-ups>
- Re: Faking OS fingerprinting in Windows merc4krugger_at_gmail_dot_com (Jun 14)
- Re: Faking OS fingerprinting in Windows shaver (Jun 15)
- RE: Faking OS fingerprinting in Windows Andrew Shore (Jun 15)
- Re: Faking OS fingerprinting in Windows velox (Jun 15)
  - Re: Faking OS fingerprinting in Windows Louis Lerman (Jun 16)
- Re: Faking OS fingerprinting in Windows finattack (Jun 15)
- Re: Re: Faking OS fingerprinting in Windows shaver (Jun 16)
- Re: Re: Re: Faking OS fingerprinting in Windows Phil Cryer (Jun 16)
- RE: Faking OS fingerprinting in Windows Matt Stovall (Jun 17)