>There are many other ways to determine the operating system as well, >most of which are described in a fairly recent phrack article (number 54 >if I am correct) >by fyodor, and are addressed in the article mentionned below > >How can we mask our operating system from these tcp/ip stack >fingerprinting tools while still being functional? You probably can't, at least not without a significant, tedious, and error-prone code audit. We've been doing research on OS fingerprinting for the past few years, and there are hundreds of different stack-specific idiosynchricies. You'd definitely be making a large mistake to assume "OS detection" means "nmap and queso". ----------------------------------------------------------------------------- Thomas H. Ptacek Network Security Research Team, NAI ----------------------------------------------------------------------------- "If you're so special, why aren't you dead?"
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:37:06 PDT