Hi Robin, On Aug 29, 2013, at 6:57 PM, Robin Wood <[email protected]> wrote:
> As I asked about recently, I'll soon be testing a NAC type device and so I > was wondering, is there a tool which will let me watch a device then clone > its network fingerprint? By fingerprint I mean things like network settings > such as TTLs but also open ports (probably couldn't spoof the service but at > least open the port). > > I know there is a tool that is designed to fool attackers by having a list of > different OS's and you chose which you want to pretend to be but rather than > pick from a list I want to be able to point it at another machine and say > "clone that". I don't think that exists. When I want to evade NAC systems, I usually start with a Scapy-generated 3-way handshake that mimic's an iPad or other device that I put together manually. > If a tool doesn't exist, and I don't think it will, can someone remind me of > the name of the tool I described above and I'll have a look see if that can > be modified. I think you mean OSFuscate by Irongeek: http://www.irongeek.com/i.php?page=security/osfuscate-change-your-windows-os-tcp-ip-fingerprint-to-confuse-p0f-networkminer-ettercap-nmap-and-other-os-detection-tools. -Josh _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
