The Linux IP Personality patch enhances your Linux 2.4 kernel by adding new functionalities.
This patch offers deep configurability, allowing you to change the following characteristics: TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, values, and order in the packet), IP ID numbers, answers to some pathological TCP packets, and answers to some UDP packets. It relies on the netfilter framework created by Rusty Russel and adds a new iptables target that can be used in the mangle table with a (patched) iptables.
The primary objective of this patch is to counter network fingerprinting techniques, making it possible to fool current versions of nmap and any similar tool. You can even emulate the behavior of any system listed in nmap's list of OS fingerprints, and some features can be applied to routed traffic, which can disturb scans directed to machines behind it.
In addition to improving network capabilities, some of the features offered by this patch, such as TCP ISN rewriting, can improve overall network security. The documentation section provides more details on how it works, and the patch is very configurable, making it an excellent addition to any system.
This release includes updates for Linux 2.4.18, fixes for all compile warnings and a potential Oops, as well as documentation updates. Note that email addresses can be found on sourceforge.net. Give the Linux IP Personality patch a try and take control of your network's behavior.
Version 20020427-2.4.18: N/A