The following options are very useful to prevent passive fingerprinting (tested with p0f on openbsd 3.4):
net.inet.tcp.sack=0
net.inet.ip.ttl=71
net.inet.tcp.sendspace=65536
net.inet.tcp.recvspace=65536
net.inet.udp.recvspace=73728
Thanks Samudra
Thank you all for your suggestions, Last night I play around with
several sysctl options you suggest.
The following options are very useful to prevent passive fingerprinting (tested with p0f on openbsd 3.4):
net.inet.tcp.sack=0
net.inet.ip.ttl=71
net.inet.tcp.sendspace=65536
net.inet.tcp.recvspace=65536
net.inet.udp.recvspace=73728
The following options are very useful to prevent passive fingerprinting (tested with p0f on openbsd 3.4):
net.inet.tcp.sack=0
net.inet.ip.ttl=71
net.inet.tcp.sendspace=65536
net.inet.tcp.recvspace=65536
net.inet.udp.recvspace=73728
- Prevent passive fingerprinting Samudra Reiher
- Re: Prevent passive fingerprinting Laurent Cheylus
- Re: Prevent passive fingerprinting A. Wright
- RE: Prevent passive fingerprinting Dom De Vitto
- Samudra Reiher
