Honeypots mailing list archives

Re: Faking OS detection

From: mike () honeynet org
Date: Sat, 1 Feb 2003 10:03:52 -0500 (EST)

Check out honeyd by Neils Provos,
http://www.citi.umich.edu/u/provos/honeyd/


Mike

On Sat, 1 Feb 2003 leak () blackout ru wrote:


I wonder how i can emulate some OS when somebody scans my box with
nmap -O or something else.
Im using FreeBSD on my servers, and currently i block all OS guessing
by setting
options TCP_DROP_SYNFIN in my kernel.

But is it possible to modify TCP/IP stack so it will emulate win2k or
linux or something else?

Thanx

--
// undef
// i code. therefore i am.

Current thread:

Faking OS detection leak (Feb 01)
- Re: Faking OS detection mike (Feb 01)
- RE: Faking OS detection Alberto Gonzalez (Feb 01)
- Re: Faking OS detection Hendrik Scholz (Feb 01)
- Re: Faking OS detection Shafik Yaghmour (Feb 01)
- Re: Faking OS detection Franck Veysset (Feb 03)
  - Re: Faking OS detection Alan Neville (Feb 03)