Avoiding OS Fingerprinting In Windows

October 4, 2008 by Eliot 12 Comments

[Irongeek] has been working on changing the OS fingerprint of his Windows box. Common network tools like Nmap, P0f, Ettercap, and NetworkMiner can determine what operating system is being run by the behavior of the TCP/IP stack. By changing this behavior, you can make your system appear to be another OS. [Irongeek] started writing his own tool by checking the source of Security Cloak to find out what registry keys needed to be changed. His OSfuscate tool lets you define your own .os fingerprint file. You can pretend to be any number of different systems from IRIX to Dreamcast. Unfortunately this only works for TCP/IP. Other methods, like Satori‘s DHCP based fingerprinting, still work and need to be bypassed by other means. Yes, this is just “security through obscurity”, but it is something fun to play with.

ATmega88 Webserver

July 15, 2008 by Benjamin Eckel 15 Comments

If you are an Atmel fan, you may enjoy this webserver built around the ATmega88. Since it has full TCP and HTTP support, communication can be done using a standard web browser on any system. We also noticed that the code uses AVR Libc and the processor can be replaced with an ATmega168, both used on the Arduino platform. Honestly, we think the most interesting part about this project is the firmware. The author has assumed that the webserver will only be sending one packet per request and the code is optimized for this setup. This leaves around 50% of the memory for the web application.

[via YourITronics]