iEntry 10th Anniversary
LinuxHaxor
WindowHaxor
MacHaxor
Security Cloak : How to fool Passive OS Scanner
Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied.
Note that in order to properly emulate some Operating Systems, the MTU must be changed. While most of these require the MTU to be 1500 (the default for most network connections),depending on your network connection, this could degrade/interfere with your connectivity, so be sure to check your current MTU before applying these changes. It is recommended that you save all the original key values before using this program in the event that your computer responds negatively to the changes.
Source: http://www.securiteam.com/tools/5MP052KI0A.html
Windows Binary: http://www.craigheffner.com/security/
Security Cloak in Action:
I am preety sure I am not running Sega Dreamcast 3.0 .
On a Seperate note. Not Using Security Cloak but trying some modification I changed my server banner into this: (netcraft hasn’t been updated yet as of this writing)
Cheers,
pavs
ps, Originally posted in sister forum Linuxhaxor.net
[...] Pavs sent in a link to a program for Windows XP called Security Cloak, which can be used to tweak your machine’s TCP/IP fingerprint to look like something else: Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied. [...]
[...] this is gonna be fun. Previously I showed you how to tweak your machine’s TCP/IP fingerprint to look like something [...]
[...] Pavs sent in a link to a program for Windows XP called shield Cloak, which can be used to tweak your machine’s TCP/IP fingerprint to look like something else: Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, checking against Nmap, xprobe2, queso and cheops showed that they were unable to identify the exact operating system/version after safety measure Cloak settings had been applied. [...]
[...] Pavs sent in a link to a program for Windows XP called Security Cloak, which can be used to tweak your machine’s TCP/IP fingerprint to look like something else: Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied. [...]