Contributed by J. Webb on from the os-fingerprint-not dept.
email@example.com has written up an interesting proof-of-concept for an alternative to port-knocking type solutions which basically employs PF's support of OSFP-based rulesets along with a userland util. for modifying IP header values etc. From writeup:
"The idea is to use os fingerprints as a key. An user can invent a specific sequence of header values that will identify his fake os, add it to fingerprints database and use it in the firewall. The result is an OBSD machine that is totally stealth to port scans but the owner can log into it using his specific set of header values."Full details are here: http://tripp.dynalias.org/p0fspoof.txt
(Comments are closed)