Security Cloak : How to fool Passive OS Scanner

Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied.

http://www.linuxhaxor.net/2007/07/23/security-cloak-how-to-fool-passive-os-scanner/

pavs

 

The pOf fingerprint submission link reads my system as XP/2000, with both the user agent switcher and Proxomitron bypassed. Missed the hardware firewall entirely. Only thing it got right is that I have an ethernet modem and my IP. Fooling that isn't much of an accomplishment..
Rick

 

what do you mean by it missed the hardware firewall? It's not supposed to give information about your hardware firewall, but your OS, thats the whole point.
It is a "passive OS scanner" , what makes you think it's going to work if you hide behind a proxy?

For an active OS scanner use Nmap, or at least learn how to:
http://www.linuxhaxor.net/category/hacking-tools/nmap/

Cheers,
pavs

 

The pOf V2 signature contribution specifically asks for firewall/cache systems.

I'm using a hardware firewall but not a proxy. Either way, it didn't get my OS right either.

You used a screenshot from http://lcamtuf.coredump.cx/p0f-help/ and I wanted to see if it could accurately identify mine. From their page.

I was primarily checking out pOf's accuracy. It wasn't. Regarding NMAP, not needed to check their accuracy in identifying my own system.
Rick