mailing list archives
Re: Intrusion detection question.
From: Jose Nazario <jose () biocserver BIOC CWRU Edu>
Date: Thu, 10 Feb 2000 08:25:08 -0500 (EST)
On Thu, 10 Feb 2000, Vanja Hrustic wrote:
Does anybody have more examples on how to trick nMap fingerprinting
(UNIX examples, if possible)?
you can use ipfilter, i believe, to block non-natural packets which get
used in fingerprinting, or block stuff that's not in the state table. this
is discussed in http://www.pgci.ca/fingerprint.html . blocking SYN/FIN
combos, for example.
i haven't tested this, other stuff keeps coming up.
jose nazario jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Re: Intrusion detection question. Michel Arboi (Feb 10)
Re: Intrusion detection question. Bart van Leeuwen (Feb 10)