Penetration Testing mailing list archives
Re: Methods for evading Nmap OS Fingerprinting
From: "Alex Lambert" <alambert () quickfire org>
Date: Sun, 9 Mar 2003 16:18:13 -0600
David,

OpenBSD's "pf" has an interesting option called "scrub" that I don't believe you explored. The URL for the manpage is http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&sektion=5&arch=i386&apropos=0&manpath=OpenBSD+Current and says:

"Traffic normalization is used to sanitize packet content in such a way that there are no ambiguities in packet interpretation on the receiving side. The normalizer does IP fragment reassembly to prevent attacks that confuse intrusion detection systems by sending overlapping IP fragments."

Some of its options, such as "random-id", could inhibit nmap success.

Cheers,
apl

----- Original Message -----
From: "David Barroso" <tomac () somoslopeor com>
To: <pen-test () securityfocus com>
Sent: Sunday, March 09, 2003 6:17 AM
Subject: Methods for evading Nmap OS Fingerprinting
Hello,

I've just released a brief paper about methods for defeating Nmap when guessing the remote OS. Since most pen-testers run Nmap for OS discovery, they should know which apps are out there for fooling Nmap and how they work.

http://voodoo.somoslopeor.com/papers.php
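The effect of "random-id" on IP ID based fingerprinting, as an added example that is not part of the original post: a simplified classifier is run over a constructed counter-based IP ID sequence before and after a stand-in for the normalizer rewrites the IDs. The labels and thresholds are illustrative assumptions, not Nmap's exact rules, and all function names are hypothetical.

```python
import random

def classify_ipid(ids):
    """Label a list of sampled 16-bit IP IDs by how they change between probes.

    Thresholds are illustrative assumptions, not taken from Nmap's source.
    """
    diffs = [(b - a) % 65536 for a, b in zip(ids, ids[1:])]
    if all(i == 0 for i in ids):
        return "zero"
    if all(d == 0 for d in diffs):
        return "constant"
    if all(0 < d < 10 for d in diffs):
        return "incremental"
    # A counter stored in the wrong byte order steps in multiples of 256.
    if all(d % 256 == 0 and d <= 5120 for d in diffs):
        return "byte-swapped incremental"
    return "random"

def counter_host(start, probes, other_traffic=0):
    """Constructed sample: a stack that draws IP IDs from one global counter.

    other_traffic is the number of unrelated packets sent between probes.
    """
    ids, cur = [], start
    for _ in range(probes):
        ids.append(cur % 65536)  # the field is 16 bits wide and wraps
        cur += 1 + other_traffic
    return ids

def scrub_random_id(ids, rng):
    """Stand-in for the normalizer: every IP ID is replaced by a random value."""
    return [rng.randrange(65536) for _ in ids]

def demo(seed=2003):
    """Classify the same host with and without ID rewriting in the path."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    raw = counter_host(start=65530, probes=6, other_traffic=2)
    scrubbed = scrub_random_id(raw, rng)
    return classify_ipid(raw), classify_ipid(scrubbed)

if __name__ == "__main__":
    before, after = demo()
    print("no normalizer in path:   ", before)
    print("IDs rewritten at random: ", after)
```

Once the IDs are rewritten, every host behind the filter yields the same "random" label, so this field no longer separates one stack from another.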
Current thread:
- Methods for evading Nmap OS Fingerprinting David Barroso (Mar 09)
- Re: Methods for evading Nmap OS Fingerprinting Alex Lambert (Mar 11)
- Re: Methods for evading Nmap OS Fingerprinting Jason Dixon (Mar 11)
- Re: Methods for evading Nmap OS Fingerprinting Cedric Blancher (Mar 11)
- Re: Methods for evading Nmap OS Fingerprinting Alex Lambert (Mar 11)