daniel, wow....the actual laundry list of activities and techniques required to harden any specific system from telling the world what os and apps are running is REALLY beyond the scope of the list. or look at dsniff@xxxxxxxxxx (that dug song's a pretty smart guy) Vlad, you have a LOT of reading and research to do.... ~piranha -----Original Message----- From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx]On Behalf Of Daniel Chemko Sent: Monday, November 29, 2004 2:12 PM To: Vlado Had; netfilter@xxxxxxxxxxxxxxxxxxx Subject: RE: OS Fingerprint Vlado Had wrote: > hi, could somebody help me, how can i change > osfingerprint in packets? > thanks Do some homework. Basically a scanner uses inherent flaws in a packet response to determine the destination machine, but it could also use the fingerprint of the services running on the PC. Ex. if I implement 100% faking on the networking part of my stealthing, but leave apache open, the apache could say Redhat Linux blahblahblah and give it all away to the hacker. It isn't just 'change TOS to random', or MSS to y, or block all n packets to port q. Those are some OS fingerprint examples, but the technique is a lot more detailed. If in doubt, tear open the nmap code!
