Re: Hiding NATs with PF
From: Greg Hennessy (me_at_privacy.org)
Date: 09/28/05
- Next message: Daniel Hartmeier: "Re: Hiding NATs with PF"
- Previous message: jpd: "Re: Hiding NATs with PF"
- In reply to: Max Bolingbroke: "Hiding NATs with PF"
- Next in thread: Max Bolingbroke: "Re: Hiding NATs with PF"
- Reply: Max Bolingbroke: "Re: Hiding NATs with PF"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 28 Sep 2005 14:45:51 +0100
On Wed, 28 Sep 2005 03:01:55 +0100, Max Bolingbroke
<batterseapower{no@spam}hotmail.com> wrote:
>This has covered the two main bases: TTL monitoring and statistical
>analysis of IP IDs. However, I'm still going to be vunerable to passive
>OS fingerprinting.
What are you protecting yourself against exactly ?
> Are there any further ways I can have PF munge my
>outgoing packets so look like they all come from the same flavour of TCP
>stack?
You mean a http://lcamtuf.coredump.cx/p0f-help/
response looking something like ?
UNKNOWN [65535:56:1:64:M1438,N,W3,N,N,T,S,E:P:?:?] (up: 8454 hrs) ->
213.134.128.25:80 (link: unknown-1478)
-- "Access to a waiting list is not access to health care"
- Next message: Daniel Hartmeier: "Re: Hiding NATs with PF"
- Previous message: jpd: "Re: Hiding NATs with PF"
- In reply to: Max Bolingbroke: "Hiding NATs with PF"
- Next in thread: Max Bolingbroke: "Re: Hiding NATs with PF"
- Reply: Max Bolingbroke: "Re: Hiding NATs with PF"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
