From: John P. Looney (valen at domain redbrick.dcu.ie)
Date: Wed 12 May 1999 - 13:24:32 IST
On Tue, May 11, 1999 at 11:18:28AM +0100, Ronan Kirby mentioned:
> Have any of you ever tried to change the tcp/ip fingerprinting of your
> linux box? Get it to return blank or spoof to be another o/s. I had an
> article on it, but it vanished into the realms of my cluttered work space
You could try ask Alan Cox. He said he got bored one day, and decided to
annoy all the freaks that try and probe his ports as soon as he connected
to an IRC server. He rewrote large parts of the IP stack code to return
wierd stuff, if the IP address wasn't known. Stuff like port 25 would be MS
Exchange, port 110 would be a /dev/random type of thing. It was a bit mad.
I'm sure you could do something similar with TCP Wrappers...
-- Is PIRACY killing the Amiga?" bravely ponders AMIGA FORMAT - well, either that or someone's stopped manufacturing the hardware. -- www.ntk.net (30.04.99)
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:12 GMT