-3

how can i change OS CPE in ubuntu. this is my CPE: OS CPE: cpe:/o:linux:linux_kernel:3 when scanning with nmap leakage all my OS properties . but I need to change the original information to fake information. My main goal is that the nmap scanner can not identify the type of operating system

milad saber
  • 1
  • 1
    `My main goal is that the nmap scanner can not identify the type of operating system` - According to the [description](https://nmap.org/book/man-os-detection.html), how `nmap` performs OS detectection, it is **insufficient to simply modify CPE** of your machine to the fake one, you need to force your machine to **act like a different one**. For that you need to undestand how `nmap` actually works, and according to that **modify many things** in your machine for mislead `nmap`. This requires some research work to be done. – Tsyvarev Jan 28 '17 at 10:03

1 Answers1

0

This question should be more for Security StackExchange. Anyway...

There are ways to "trick" nmap fingerprinting but is not an easy task.

Nmap sends a series of TCP and UDP packets to the remote host and examines practically every bit in the responses. After performing dozens of tests such as TCP ISN sampling, TCP options support and ordering, IP ID sampling, and the initial window size check, Nmap compares the results to its nmap-os-db database of more than 2,600 known OS fingerprints and prints out the OS details if there is a match.

You can mock some tools detection spoofing the banner or signature. But if you want to mock the OS fingerprinting is not an easy task. You must have a pretty comprehensive set of TCP frame sizes, keepalive functionality, packet number sequences, service banners, etc. Is a though task.

Methods to defeat Nmap OS Fingerprinting in Linux are written as kernel modules, or at least, as patches to the Linux kernel.

Look at the nmap documentation about this topic.

OscarAkaElvis
  • 5,384
  • 4
  • 27
  • 51