-----BEGIN PGP SIGNED MESSAGE-----
according to a recent honeypot/honeynet article, there _are_ software
addons for doing the TCP fingerprint spoofing. tho they may be
commercial. also other service quirks spoofing.
Thank You,
Ben Kochie (ben at nerp.net)
"Unix is user friendly, Its just picky about its friends."
On Fri, 27 Apr 2001, Dave Sherohman wrote:
> On Fri, Apr 27, 2001 at 08:06:02AM -0700, Peter Clark wrote:
> > Maybe now would be a good time to ask a question that I have been
> > wondering about for some time. Is there any way to have a box give a
> > false identity for its OS? For example, have Linux tell the outside
> > world that it is really NT4?
>
> You could set up a superficial appearance, sure. But I don't think anyone
> will be fooled if they telnet to the box and see
>
> Connected to ntbox.home.com
> Escape character is '^]'.
> Windows NT Server 4.0 ntbox
> ntbox login:
>
> More significantly, though, OS fingerprinting tools rely on quirks of the TCP
> stack to recognize a host's OS, so you're not going to fool them without
> rewriting substantial hunks of your kernel.
>
> --
> That's not gibberish... It's Linux. - Byers, The Lone Gunmen
> Geek Code 3.1: GCS d? s+: a- C++ UL++$ P++>+++ L+++>++++ E- W--(++) N+ o+
> !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r y+
> _______________________________________________
> tclug-list mailing list
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBOumcjctpDhsSpvgtAQFlSwP/T2wGpdU8yLepzHmtpO4sUzMxCClAT88W
QL0MPMQ+iAyHaZA20FYtmqRAnkQCT8LLi44wu9CigOkpFR0N8pF+sh+jqikjozZO
FJ0hvJTDZ2tohdjFLD3PTtJsYAHv9GPmoCIq76lN6QauQlVoMGUIBrr8xHc78lwk
XsTdGUkZE9w=
=H2jF
-----END PGP SIGNATURE-----