Saturday, May 21, 2016

Portspoof : Service Signature Obfusor

The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. The eral goal of the program is to make the port scanning process very slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.

Portspoof ftures:

Fast: Multithrded (by default 10 thrds handle new incoming connections).Lightweight: Requires small amount of system resources.Portable: runs on BSD/Linux (support for OSX/ will be added).Flexible: You can sily use your firewall rules to define ports that are going to be spoofed.Effective against popular port scannersBy default, portspoof will bind only to one port – 4444 on all interfaces and is extremely CPU friendly. So, after running this program and scanning it with Nmap, you will find that though not many ports are open in rlity, a lot of false open ports will be detected.Download

No comments:

Post a Comment