mailing list archives
Re: spoofing another machine's fingerprints
From: Joshua Wright <jwright () hasborg com>
Date: Fri, 30 Aug 2013 09:19:53 -0400
On Aug 29, 2013, at 6:57 PM, Robin Wood <robin () digininja org> wrote:
As I asked about recently, I'll soon be testing a NAC type device and so I was wondering, is there a tool which will
let me watch a device then clone its network fingerprint? By fingerprint I mean things like network settings such as
TTLs but also open ports (probably couldn't spoof the service but at least open the port).
I know there is a tool that is designed to fool attackers by having a list of different OS's and you chose which you
want to pretend to be but rather than pick from a list I want to be able to point it at another machine and say
I don't think that exists. When I want to evade NAC systems, I usually start with a Scapy-generated 3-way handshake
that mimic's an iPad or other device that I put together manually.
If a tool doesn't exist, and I don't think it will, can someone remind me of the name of the tool I described above
and I'll have a look see if that can be modified.
I think you mean OSFuscate by Irongeek:
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com