FreeBSD and NMAP
Edwin Brown
edwin.brown at gmail.com
Wed Apr 20 05:21:19 PDT 2005
You could also just enable pf and have one scrub rule.
/etc/rc.conf
pf_enable="YES" # Set to YES to enable packet filter (pf)
pf_rules="/etc/pf.conf" # rules definition file for pf
pf_program="/sbin/pfctl" # where the pfctl program lives
pf_flags="" # additional flags for pfctl
pflog_enable="YES" # Set to YES to enable packet filter logging
pflog_logfile="/var/log/pflog" # where pflogd should store the logfile
pflog_program="/sbin/pflogd" # where the pflogd program lives
pflog_flags="" # additional flags for pflogd
----------------------------------------------------------------------------------------------------------------------
/etc/pf.conf
scrub all no-df random-id reassemble tcp
----------------------------------------------------------------------------------------------------------------------
Best regards,
Edwin
On 4/19/05, Damian Gerow <dgerow at afflictions.org> wrote:
> Thus spake Dominic Marks (dom at helenmarks.co.uk) [19/04/05 07:18]:
> : On Tuesday 19 April 2005 12:11, pck wrote:
> : > Hi,
> : >
> : > How can i hide from nmap that my OS is FreeBSD? Is this possible?
> :
> : # sysctl -ad | grep random_id
> : net.inet.ip.random_id: Assign random ip_id values
> : # echo 'net.inet.ip.random_id=1' >> /etc/sysctl.conf
>
> That doesn't hide the OS. That just makes the IP ID field random.
>
> One way to help:
>
> echo "net.inet.tcp.drop_synfin=1' >> /etc/sysctl.conf
>
> (Note that you need the "options TCP_DROP SYNFIN" line in your kernel
> config.)
>
> Other than that... randomize the packet fingerprint data. I know there's
> been at least one daemon that did this on Linux, as well as a kernel patch
> that did the same. But I'd ask: why? You're doing a significant amount of
> work for very little in return.
>
> - Damian
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
More information about the freebsd-stable
mailing list