Note that some of the features you're referring to are specific to the OpenBSD -current tree (pre 3.3), and not found in 3.2 -release or -stable. -J. On Sun, 2003-03-09 at 17:18, Alex Lambert wrote: > David, > > OpenBSD's "pf" has an interesting option called "scrub" that I don't believe > you explored. The URL for the manpage is > http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&sektion=5&arch=i386&apr > opos=0&manpath=OpenBSD+Current and says: > > "Traffic normalization is used to sanitize packet content in such a way > that there are no ambiguities in packet interpretation on the receiving > side. The normalizer does IP fragment reassembly to prevent attacks > that > confuse intrusion detection systems by sending overlapping IP > fragments." > > Some of its options, such as "random-id" could inhibit nmap success. > > > > Cheers, > > apl > > ----- Original Message ----- > From: "David Barroso" <tomacat_private> > To: <pen-testat_private> > Sent: Sunday, March 09, 2003 6:17 AM > Subject: Methods for evading Nmap OS Fingerprinting > > > > Hello, > > I've just released a brief paper about methods for defeating Nmap when > > guessing the remote OS. Since most pen-testers run Nmap for OS discover, > > they should know which apps are out there for fooling Nmap and how they > > work. > > > > http://voodoo.somoslopeor.com/papers.php > > > > -------------------------------------------------------------------------- > -- > > > > Are your vulnerability scans producing just another report? > > Manage the entire remediation process with StillSecure VAM's > > Vulnerability Repair Workflow. > > Download a free 15-day trial: > > http://www2.stillsecure.com/download/sf_vuln_list.html > > > > > ---------------------------------------------------------------------------- > > Are your vulnerability scans producing just another report? > Manage the entire remediation process with StillSecure VAM's > Vulnerability Repair Workflow. > Download a free 15-day trial: > http://www2.stillsecure.com/download/sf_vuln_list.html > > > ---------------------------------------------------------------------------- Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html
This archive was generated by hypermail 2b30 : Tue Mar 11 2003 - 11:03:10 PST