Home page logo

Nmap Announce mailing list archives

Re: Intrusion detection question.
From: Jose Nazario <jose () biocserver BIOC CWRU Edu>
Date: Thu, 10 Feb 2000 08:25:08 -0500 (EST)

On Thu, 10 Feb 2000, Vanja Hrustic wrote:

Does anybody have more examples on how to trick nMap fingerprinting
(UNIX examples, if possible)?

you can use ipfilter, i believe, to block non-natural packets which get
used in fingerprinting, or block stuff that's not in the state table. this
is discussed in http://www.pgci.ca/fingerprint.html . blocking SYN/FIN
combos, for example.

i haven't tested this, other stuff keeps coming up.

jose nazario                                    jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]