Re: Request for discussion on defending against specific Nmap TCP syn and version scans.

From: Aaron (microchp@microchp.org)
Date: Thu Mar 02 2006 - 19:46:25 EST


There may also be some interest in looking up tarpitting.
It does not stop scanning but may be used in
conjunction with changing the OS fingerprint to slow a
scan and lower the accuracy of the results as threads will
time out. If used on enough addresses, it can make
enumeration a pita.

Also change the default TTL.

Honeyd and DTK are also fun to play with but may draw the
wrong attention to your address space.

If you really want to confuse nmap, don't run any
firewalls, turn on all services and leave everything
default. ;)

--Aarön



