mailing list archives
Re: nmap os detection!
From: Caleb Humberd <tych0 () blazenet net>
Date: Fri, 7 Feb 2003 20:06:11 -0500
I have been fooling around with the iptables on my Slackware Linux box,
and when I set it to DENY inbound and forward traffic, and ACCEPT all
outbound traffic, I could not portscan my computer. There are some
issues with this, though. ping does not work, so you would have to
explicitly allow echo-reply, destination-unreachable, and time-exceded
ICMP inbound packets. Of course, if you wanted to ssh into your box, or
run a webserver, or something of that sort, you would have to
explicitly allow these connections as well.
I found the information on iptables in its man page, and at
This is what I have been able to figure out in about a week's worth of
playing around with iptables and nmap. Someone who has a lot more
experience with either or both is welcome to tear apart my method or
add some constructive criticism.
On Friday, Feb 7, 2003, at 09:43 US/Eastern, Prathap R wrote:
i just used nmap to detect the os on the network. out of
curiosity,i want to know if there is a way of making the OS
undetectable. it will be of great help if anyone could point out how
do it?. i am using both windows and linux.
thanks in advance.
Get Your Private, Free E-mail from Indiatimes at
Buy the best in Movies at http://www.videos.indiatimes.com
Bid for for Air Tickets @ Re.1 on Air Sahara Flights. Just log on to
http://airsahara.indiatimes.com and Bid Now !