IP Personality 20020427-2.4.18 reviewDownload
The Linux IP Personality patch adds to your Linux 2.4 kernel the ability to have different 'personalities' network wise, that is to c
The Linux IP Personality patch adds to your Linux 2.4 kernel the ability to have different 'personalities' network wise, that is to change some characteristics of its network traffic, depending on different parameters (anything you can specify in an iptables rule: src/dst IP address, TCP or UDP port, etc.)
The next characteristics can be changed:
TCP Initial Sequence Number (ISN)
TCP initial window size
TCP options (their types, values and order in the packet)
IP ID numbers
answers to some pathological TCP packets
answers to some UDP packets
They are deeply configurable.
This patch relies on the wonderful framework created by Rusty Russel: netfilter. More precisely, the patch adds a new iptables target (in a kernel module) that can be used in the mangle table with a (patched) iptables. This target is very configurable. See the documentation section for more details on how it works.
The primary objective of this patch is to counter network fingerprinting techniques, as described in Fyodor's article.
Fyodor is the author of nmap, the famous port scanner that has a powerful remote OS detection engine. IP Personality can fool current versions of nmap, and is very configurable, so that it can probably fool any similar tool. The patch allows one to emulate the behaviour of any system listed in nmap's list of OS fingerprints. Some of its features can even be applied to routed traffic, and thus disturb scans directed to machines that are behind it. Some features (eg TCP ISN rewriting) can also be used to improve overall network security.
What's New in This Release:
net, linux: updated for Linux 2.4.18, fixed all compile warnings and a potential Oops
doc, misc: updated for latest changes
email addresses: please note that it should be sourceforge.net
IP Personality 20020427-2.4.18 keywords