DECNET

anti/DECNET

Fork 0

Commit Graph

Author	SHA1	Message	Date
anti	62a67f3d1d	docs(HARDENING): rewrite roadmap based on live scan findings Phase 1 is complete. Live testing revealed: - Window size (64240) is already correct — Phase 2 window mangling unnecessary - TI=Z (IP ID = 0) is the single remaining blocker for Windows spoofing - ip_no_pmtu_disc does NOT fix TI=Z (tested and confirmed) Revised phase plan: - Phase 2: ICMP tuning (icmp_ratelimit + icmp_ratemask sysctls) - Phase 3: NFQUEUE daemon for IP ID rewriting (fixes TI=Z) - Phase 4: diminishing returns, not recommended Added detailed NFQUEUE architecture, TCPOPTSTRIP notes, and note clarifying P= field in nmap output.	2026-04-10 16:38:27 -04:00
anti	d8457c57f3	docs: add OS fingerprint spoofing hardening roadmap	2026-04-10 16:02:00 -04:00

Author

SHA1

Message

Date

anti

62a67f3d1d

docs(HARDENING): rewrite roadmap based on live scan findings

Phase 1 is complete. Live testing revealed:
- Window size (64240) is already correct — Phase 2 window mangling unnecessary
- TI=Z (IP ID = 0) is the single remaining blocker for Windows spoofing
- ip_no_pmtu_disc does NOT fix TI=Z (tested and confirmed)

Revised phase plan:
- Phase 2: ICMP tuning (icmp_ratelimit + icmp_ratemask sysctls)
- Phase 3: NFQUEUE daemon for IP ID rewriting (fixes TI=Z)
- Phase 4: diminishing returns, not recommended

Added detailed NFQUEUE architecture, TCPOPTSTRIP notes, and
note clarifying P= field in nmap output.

2026-04-10 16:38:27 -04:00

anti

d8457c57f3

docs: add OS fingerprint spoofing hardening roadmap

2026-04-10 16:02:00 -04:00

2 Commits