On Tue, 19 Apr 2005, peceka wrote: >> > How can i hide from nmap that my OS is FreeBSD? Is this possible? >> >> # sysctl -ad | grep random_id >> net.inet.ip.random_id: Assign random ip_id values >> # echo 'net.inet.ip.random_id=1' >> /etc/sysctl.conf > >After that: >Interesting ports on 192.168.1.248: >(The 1643 ports scanned but not shown below are in state: closed) >Port State Service >22/tcp open ssh >Device type: general purpose >Running (JUST GUESSING) : FreeBSD 5.X|4.X (95%), Apple Mac OS X 10.1.X >(88%), OpenBSD 3.X|2.X (88%), Apple Mac OS 8.X (85%) >Aggressive OS guesses: FreeBSD 5.0-RELEASE (95%), Apple Mac OS X >10.1.5 (88%), FreeBSD 4.3 - 4.4PRERELEASE (88%), FreeBSD 5.0-RELEASE >(x86) (88%), FreeBSD 5.1-CURRENT (June 2003) on Sparc64 (88%), OpenBSD >3.0 or 3.3 (88%), Apple Mac OS X 10.1.4 (Darwin Kernel 5.4) on iMac >(86%), FreeBSD 4.5-RELEASE (or -STABLE) through 4.6-RC (X86) (86%), >FreeBSD 4.7-RELEASE (86%), FreeBSD 5.0-RELEASE or -CURRENT (Jan 2003) >(86%) >No exact OS matches for host (test conditions non-ideal). >Uptime 0.003 days (since Tue Apr 19 13:22:41 2005) > >So it didn't help much... >
So, try this: block in log quick proto tcp flags FUP/WEUAPRSF block in log quick proto tcp flags WEUAPRSF/WEUAPRSF block in log quick proto tcp flags SRAFU/WEUAPRSF block in log quick proto tcp flags /WEUAPRSF block in log quick proto tcp flags SR/SR block in log quick proto tcp flags SF/SF (in pf.conf) -- Michał 'max' Marciniak felix.fizyka.amu.edu.pl _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"