Delude Remote Operating System (OS) Scan by Honeyd
The techniques of active TCP/IP stack fingerprinting in the remote OS scanning are introduced, how to simulate the fingerprints of OS which will react to OS detection is presented, and Honeyd (a software of honeypot) is used to run some virtual OS to delude remote OS scan.
Abstract
Remote Operating System (OS) detection is an important technique in the network system security and becomes more and more popular these days, because it has close connection with the vulnerability just for an open port. This paper detailedly introduces the techniques of active TCP/IP stack fingerprinting in the remote OS scanning, presents how to simulate the fingerprints of OS which will react to OS detection, uses Honeyd(a software of honeypot) to run some virtual OS to delude remote OS scan.