iptables can be Prevent passive fingerprinting like OPENBSD PF's "Packet Normalization" look: http://voodoo.somoslopeor.com/papers/nmap.html http://www.benzedrine.cx/cgi-bin/htsearch?words=Fingerprinting http://www.openbsd.org/faq/pf/scrub.html can be use : IPV4OPTSSTRIP or ipv4options or TTL or TOS?
