Sign in to follow this  
Followers 0
Vangald

OS Masking?

6 posts in this topic

How would I go about making a windows machine appear as a linux machine and vice versa on a network? This seems like an interesting way to deter attacks so I was curious if it would be possible.

0

Share this post


Link to post
Share on other sites

That's not terribly effective. Anyone capable of any sort of attack (other than ddos) will be able to see through that easily. It's much more effective to give them nothing to attack.

Edit: If you really wanted to do that, I suppose you could close all your Windows-related ports and open some dummy services on common Linux ports. Some simple probes with nmap would give you away though.

Edited by Ohm
0

Share this post


Link to post
Share on other sites

I'm not aware of anything for Windows but at the Defcon a few years ago there was a presentation about a tool called Morph. This tool uses packet purgatory to change the characteristics of Linux to fool tools which perform active stack finger printing. It will make Linux look like Windows or FreeBSD.

With windows you could use a SOHO router and forward a few ports to a Windows box and a few to a Linux box. If the router was scanned it may fool tools such as nmap, not sure though.

link to Morph:

<a href="http://www.synacklabs.net/projects/morph/" target="_blank">http://www.synacklabs.net/projects/morph/</a>

Edited by tekio
0

Share this post


Link to post
Share on other sites

Each operating system leaves fingerprints in the TCP/IP headers. AnonymOS, created a few years ago and based on OpenBSD, attempts to create a workstation that leaves no reliable fingerprints. lcamtuf's book, Silence on the Wire, provides a lot of details about different TCP/IP stack implementations.

0

Share this post


Link to post
Share on other sites

Dropping the "odd" packets with irregular TCP headers you'd never see in normal use would go a long way. It would also be trivial to implement on a competent firewall. I remember doing something like that on pf a while back.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0