Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fooling NMAP for Whatever Reason

Posted by CmdrTaco on from the well-now-isn't-that-fun dept.

taviso writes "Are you bored with your OS fingerprint? Do you dream of being able to impress your friends by convincing them your webserver is running on a sega dreamcast, or Apple LaserWriter? Well Dream no more! David Berrueta has written a paper oulining the techniques and tools available to defeat nmap's OS fingerprinting, available here [pdf]. Besides the hours of entertainment this could provide, he also lists some of the more serious reasons why you might want to consider this."

3 of 192 comments (clear)

  1. PDF MIRROR HERE by scubacuda · · Score: 5, Informative
    I googled and found a mirror PDF site.

    (But not before I d/led it to my local machine first!)

  2. IP personality.. by RatOfTheLab · · Score: 5, Informative

    Someone thought about OS fingerprint obfuscating a while ago... http://ippersonality.sourceforge.net/

  3. honeyd does this already by quigonn · · Score: 5, Informative

    honeyd is able to do this already for quite a long time. With honeyd you can basically create "virtual hosts", running on another computer, with their own IP address, their own IP personality (it comes with a large database of them), and their own services (basically, every inetd-capable program can be used as server with it). You can even create a "virtual network" of them, with configurable routes, latency and packet loss. Indistinguishable from real computers and networks.

    --
    A monkey is doing the real work for me.