With /etc/sysctl.conf
Code:
# prevent OS fingerprinting
net.inet.tcp.drop_synfin=1
and /etc/pf.conf
Code:
##### Normalization #####
scrub in on $ext_if all fragment reassemble no-df
scrub out log on $ext_if all random-id
scrub log on $ext_if all reassemble tcp
##Block OS Fingerprinting
block in log quick on $ext_if proto tcp flags FUP/WEUAPRSF
block in log quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF
block in log quick on $ext_if proto tcp flags SRAFU/WEUAPRSF
block in log quick on $ext_if proto tcp flags /WEUAPRSF
block in log quick on $ext_if proto tcp flags SR/SR
block in log quick on $ext_if proto tcp flags SF/SF
##End of Block OS Fingerprinting
These tests still detect
https://www.browserleaks.com/
https://www.doileak.com/
Code:
TCP/IP stack OS Fingerprinting
Passive, SYN FreeBSD 9.x or newer | Language: Unknown | Link: PPPoE | MTU: 1492 | Distance: 8 Hops
Trying to follow https://nmap.org/misc/defeat-nmap-osdetect.html#BSD I still cannot defeat the passive TCP OS Fingerprinting.
What am I missing?
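An added example, not part of the original post: it applies pf's `flags <set>/<mask>` matching (of the flags in the mask, exactly those in the set must be on) to the six flag specs from the pf.conf above. It shows that an ordinary SYN, the segment a "Passive, SYN" result is read from, matches none of them. The sample flag combinations are constructed and the helper names (`blocking_rules`, `report`) are hypothetical.

```python
# Added example: evaluate the pf "flags <set>/<mask>" specs from the post
# against constructed TCP flag combinations (not captured traffic).

# TCP header flag bits, keyed by the letters pf.conf uses.
PF_FLAGS = {"F": 0x01, "S": 0x02, "R": 0x04, "P": 0x08,
            "A": 0x10, "U": 0x20, "E": 0x40, "W": 0x80}

# The six flag specs from the "Block OS Fingerprinting" rules in the post.
RULES = ["FUP/WEUAPRSF", "WEUAPRSF/WEUAPRSF", "SRAFU/WEUAPRSF",
         "/WEUAPRSF", "SR/SR", "SF/SF"]

def to_bits(letters):
    """Convert a string of pf flag letters to a TCP flag bitmask."""
    bits = 0
    for ch in letters:
        bits |= PF_FLAGS[ch]
    return bits

def parse_spec(spec):
    """Split 'set/mask' into (bits that must be on, bits that are inspected)."""
    must_set, _, mask = spec.partition("/")
    return to_bits(must_set), to_bits(mask)

def matches(spec, packet_flags):
    """pf semantics: of the flags in the mask, exactly those in the set are on."""
    want, mask = parse_spec(spec)
    return (to_bits(packet_flags) & mask) == want

def blocking_rules(packet_flags):
    """Return the flag specs from RULES that a packet with these flags hits."""
    return [spec for spec in RULES if matches(spec, packet_flags)]

# Constructed samples: two normal handshake segments and five odd combinations.
SAMPLES = {
    "ordinary SYN": "S",
    "SYN+ACK": "SA",
    "null (no flags)": "",
    "FIN+URG+PSH": "FUP",
    "SYN+FIN": "SF",
    "SYN+RST": "SR",
    "all flags": "WEUAPRSF",
}

def report():
    return {name: blocking_rules(flags) for name, flags in SAMPLES.items()}

if __name__ == "__main__":
    for name, hits in report().items():
        print(f"{name:18} -> {', '.join(hits) if hits else 'no rule matches'}")
```

The rules in the post are also `block in` rules, so they are only evaluated for segments arriving on `$ext_if`.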