Cedric wrote: >If you want to prevent discovery based on the TTL of packets you send, >reset TTL for outbound traffic to a default value such as 64. I agree. This is most useful for making it a tad more difficult to detect which OS you've chosen. Also, incrementing the TTL is useful for obscuring NAT, as mentioned earlier. This is helpful for HoneyPots where a single box/service is covering more than one IP/port. For the interested, I can submit my own setup as an example. Bob
