Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Preventing remote OS detection

From: ashland () pobox com (tqbf)
Date: Mon, 22 Feb 1999 17:05:58 -0500


There are many other ways to determine the operating system as well,
most of which are described in a fairly recent phrack article (number 54
if I am correct)
by fyodor, and are addressed in the article mentionned below

How can we mask our operating system from these tcp/ip stack
fingerprinting tools while still being functional?


You probably can't, at least not without a significant, tedious, and
error-prone code audit. We've been doing research on OS fingerprinting for
the past few years, and there are hundreds of different stack-specific
idiosynchricies.

You'd definitely be making a large mistake to assume "OS detection" means
"nmap and queso".

-----------------------------------------------------------------------------
Thomas H. Ptacek                          Network Security Research Team, NAI
-----------------------------------------------------------------------------
                                 "If you're so special, why aren't you dead?"
Previous By Date Next
Previous By Thread Next

Current thread: