FreeBSD OS Detection and Uptime

Rui Paulo rpaulo at FreeBSD.org
Sun Mar 23 15:28:57 UTC 2008


On Sat, Mar 22, 2008 at 11:14:28PM -0300, =?ISO-8859-1?Q?Daniel_Dias_Gon=E7alves_ wrote:
> Which methods used to prevent OS detection and uptime (nmap) ?
> http://nmap.org/misc/defeat-nmap-osdetect.html#BSD
> I tried, but not work.

The TCP Drop SYN+FIN sysctl might help.

% sysctl -d net.inet.tcp.drop_synfin
net.inet.tcp.drop_synfin: Drop TCP packets with SYN+FIN set

Regards.
-- 
Rui Paulo


More information about the freebsd-pf mailing list