Monday, March 3, 2014

Spoofing Ports To Trick Bad Guys

Portspoof is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security system. The general goal of the program is to make the reconessaince phase slow and bothersome for your attackers as much it is only possible. This is quite a change to the standard 5s Nmap scan, that will give a full view of your systems running services.
By using all of the above mentioned techniques together: 
your attackers will have a tough time while trying to identify all of your listening services.
  • the only way to determine if a service is emulated is through a protocol probe (imagine probing protocols for 65k open ports!).
  • it takes more than 8 hours and 200MB of sent data in order to get all of the service banners for your system ( nmap -sV -p - equivalent).
References:

1. http://www.cartoonaday.com/images/cartoons/2012/04/april-fools-day-cartoon-598x526.jpg

No comments: