Fool Remote Operating System Detection Software
Evade remote OS detection attempts by disguising your TCP/IP stack.
Another method to thwart operating
system detection attempts is to modify the behavior of your
stack and make it emulate the behavior of another operating system.
This may sound difficult, but can be done fairly easily in Linux by
patching your kernel with code available from the
Personality project (http://ippersonality.sourceforge.net). This
code extends the kernel’s built-in firewalling
system, Netfilter, as well as its user-space component, the
To set up IP Personality, download the package that corresponds to your kernel. If you can’t find the correct one, visit the SourceForge patches page for the project (http://sourceforge.net/tracker/?group_id=7557&atid=307557), which usually has more recent kernel patches available.
To patch your kernel, unpack the IP Personality source distribution
and go to the directory containing your kernel source; then run the
patch -p1 < \
If you are using a patch downloaded from the patches page, just
substitute it in your
patch command. To verify
that the patch has been applied correctly, you can run this command:
find ./ -name \*.rej
If the patch was applied correctly, this command should not find any files.
Now that the kernel is patched, you will need to configure the kernel for ...