On Fri, Feb 07, 2003 at 08:13:43PM +0530, Prathap R wrote: > i just used nmap to detect the os on the network. out of >curiosity,i want to know if there is a way of making the OS >undetectable. it will be of great help if anyone could point out how >do it?. i am using both windows and linux.
You can hide the OS footprint on your network traffic at the network level. Maybe even at the transport level. There is almost no point, as your web browser sends your OS type each and every time you connect to a web page. The best way to accomplish this is sending everything though a proxy server. This will give your network traffic the footprint of the proxy server. If that isn't good enough, then a packet filter/mangler with knowledge of most OS footprints would be required. As it would be *really* hard to detect all things your OS does, I'd say your best bet is to insert as many other footprints as you can. Thus your traffic would like like one of many OSes, one of which is the real one. But a list of, say, tweleve distinct OSes for one machine will cause most people to say "The scanner doesn't know what OS this IP is". This should be good enough for most purposes. ----------------------------------------------------------------------- __o Bradley Arlt Security Team Lead _ \<_ [EMAIL PROTECTED] University Of Calgary (_)/(_) I should be biking right now. Computer Science
