IP Personality 20020427-2.4.18

The Linux IP Personality patch adds to your Linux 2.4 kernel.

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!
send us
an update
GPL (GNU General Public License) 
IP Personality Team
ROOT \ System \ Networking
The Linux IP Personality patch adds to your Linux 2.4 kernel the ability to have different 'personalities' network wise, that is to change some characteristics of its network traffic, depending on different parameters (anything you can specify in an iptables rule: src/dst IP address, TCP or UDP port, etc.)

The next characteristics can be changed:

TCP Initial Sequence Number (ISN)
TCP initial window size
TCP options (their types, values and order in the packet)
IP ID numbers
answers to some pathological TCP packets
answers to some UDP packets

They are deeply configurable.

This patch relies on the wonderful framework created by Rusty Russel: netfilter. More precisely, the patch adds a new iptables target (in a kernel module) that can be used in the mangle table with a (patched) iptables. This target is very configurable. See the documentation section for more details on how it works.

The primary objective of this patch is to counter network fingerprinting techniques, as described in Fyodor's article.

Fyodor is the author of nmap, the famous port scanner that has a powerful remote OS detection engine. IP Personality can fool current versions of nmap, and is very configurable, so that it can probably fool any similar tool. The patch allows one to emulate the behaviour of any system listed in nmap's list of OS fingerprints. Some of its features can even be applied to routed traffic, and thus disturb scans directed to machines that are behind it. Some features (eg TCP ISN rewriting) can also be used to improve overall network security.

What's New in This Release:

net, linux: updated for Linux 2.4.18, fixed all compile warnings and a potential Oops
doc, misc: updated for latest changes
email addresses: please note that it should be sourceforge.net

Last updated on July 12th, 2006

#KERNEL PATCH #nefilter features #netfilter patches #netfilter #kernel #patch #emulation

Add your review!