How can I hide P0F (OS fingerprint) under linux 2.4?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How can I hide P0F (OS fingerprint) under linux 2.4?
Hey guys!
I've been looking for a soultion for hiding my computer's TCP Fingerprint which
allows the others to determine whether what OS I'm using (Passive OS Fingerprinting, p0f), what's its uptime, etc.
I'm not talking about I want ONLY to block people who want to fingerprint me, or block the script kiddies or someone who uses nmap.
I want to somehow rewrite the package headers, so if I login to another server
they shouldn't be able to understand my fingerprint (e.g. using the p0f application: http://lcamtuf.coredump.cx/p0f.shtml).
Is there any solution for this problem (e.g. a kernel patch) under linux (2.4)?
unSpawn: Thank you for your answer, but as I've told, it's not nmap what i wanna "defeat", but passive os fingerprinting (look at http://lcamtuf.coredump.cx/p0f.shtml). It's similar, but not exactly the same. Nmap can be fooled by a single grsecurity patch... but p0f not...
Since it's for 2,4,18 and I have 2.4.33 I won't be able to try it, but I understand what it wants me to do and I think it won't defeat p0f. Tell me if I'm wrong.
Did you really read the document? and for example search for p0f inside?
If you want to do this sort of strange things (which are not out of consequence for performance or other things) then you should probably know how to apply a patch aimed at a version to another version, you have to correct the reject files so it should be possible (I'm not patronizing you, I just mean that you are doing some network kernel hacking then its not easy stuff and you have to understand what you do)
Btw, there are other private tools floating around and I'm not 100% sure you will defeat them.
What's the point to do this anyway?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.