Friday, December 27

Portspoof: Emulate a legitimate service on all 65535 TCP ports

videobacks.net

Portspoof

Portspoof software overview (https://drk1wi.github.io/portspoof/)

**Short description:**

The Portspoof program's primary goal is to enhance OS security through the following set of techniques:

  • All 65535 TCP ports are constantly open

    Instead of informing an attacker that a particular port is in a CLOSED or FILTERED state, Portspoof returns SYN+ACK for every port connection attempt.

    As a result, it is impractical to use stealth (SYN, ACK, etc.) port scanning against your system, since all ports are always reported as OPEN:

    **nmap -p 1-20 127.0.0.1**

    Starting Nmap 6.47 (http://nmap.org)
    Nmap scan report for 127.0.0.1
    Host is up (0.0018s latency).
    PORT   STATE SERVICE
    1/tcp  open  tcpmux
    2/tcp  open  compressnet
    3/tcp  open  compressnet
    4/tcp  open  unknown
    5/tcp  open  unknown
    6/tcp  open  unknown
    7/tcp  open  echo
    8/tcp  open  unknown
    9/tcp  open  discard
    10/tcp open  unknown
    11/tcp open  systat
    12/tcp open  unknown
    13/tcp open  daytime
    14/tcp open  unknown
    15/tcp open  netstat
    16/tcp open  unknown
    17/tcp open  qotd
    18/tcp open  unknown
    19/tcp open  chargen
    20/tcp open  ftp-data

  • Every open TCP port imitates a service

    Portspoof has a large database of dynamic service signatures, which are used to generate fake banners and fool scanners.

    Scanning software usually tries to determine the version of the service running on an open port. Portspoof responds to every service probe with a valid service signature, dynamically generated from a database of service signature regular expressions.

    As a result, an attacker will not be able to determine which port numbers your system is actually using:

    **nmap -F -sV 127.0.0.1**

    Starting Nmap 6.47 (http://nmap.org)
    Stats: 0:00:30 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
    Nmap scan report for 127.0.0.1
    Host is up (0.21s latency).
    PORT    STATE SERVICE          VERSION
    7/tcp   open  http             Milestone XProtect video surveillance http interface (tu-ka)
    9/tcp   open  ntop-http        Ntop web interface 1ey (Q)
    13/tcp  open  ftp              VxWorks ftpd 6.a
    21/tcp  open  http             Grandstream VoIP phone http config 6193206
    22/tcp  open  http             Cherokee httpd X
    23/tcp  open  ftp              MacOS X Server ftpd (MacOS X Server 790751705)
    25/tcp  open  smtp?
    26/tcp  open  http             ZNC IRC bouncer http config 0.097 or later
    37/tcp  open  finger           NetBSD fingerd
    53/tcp  open  ftp              Rumpus ftpd
    79/tcp  open  http             Web e (Netscreen administrative web server)
    80/tcp  open  http             BitTornado tracker dgpX
    81/tcp  open  hosts2-ns?
    88/tcp  open  http             3Com OfficeConnect Firewall http config
    106/tcp open  pop3pw?
    110/tcp open  ipp              Virata-EmWeb nbF (HP Laserjet 4200 TN http config)
    111/tcp open  imap             Dovecot imapd
    113/tcp open  smtp             Xserve smtpd
    119/tcp open  nntp?
    135/tcp open  http             netTALK Duo http config
    139/tcp open  http             Oversee Turing httpd kC (domain parking)
    143/tcp open  crestron-control TiVo DVR Crestron control server
    144/tcp open  http             Ares Galaxy P2P httpd 7942927
    179/tcp open  http             WMI ViH (3Com 5500G-EI switch http config)
    199/tcp open  smux?
    389/tcp open  http-proxy       ziproxy http proxy
    427/tcp open  vnc              (protocol 3)
    443/tcp open  https?
    444/tcp open  snpp?
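
How a signature regular expression can be turned into a concrete banner, as an added example that is not Portspoof's own code: it walks a pattern left to right and picks a random character for each class and a random count for each quantifier. The signatures are constructed samples, the function names are hypothetical, and only a subset of regex syntax (literals, escapes, `[...]` ranges, `?`, `*`, `+`, `{n,m}`) is handled.

```python
import random
import string

# Constructed sample signatures (not taken from Portspoof's database).
SIGNATURES = [
    r"220 example ftpd \d\.[a-z] ready\r\n",
    r"SSH-2\.0-ExampleSSH_\d\.\d{1,2}\r\n",
    r"HTTP/1\.0 200 OK\r\nServer: example-httpd/[0-9]\.[0-9]{2} \w{3,6}\r\n\r\n",
]

ESCAPES = {"d": string.digits, "w": string.ascii_letters + string.digits + "_",
           "r": "\r", "n": "\n", "t": "\t"}

def _atom(pat, i):
    """Return (candidate characters, next index) for the atom at pat[i]."""
    c = pat[i]
    if c == "\\":                       # escape: class (\d, \w), control char or literal
        return ESCAPES.get(pat[i + 1], pat[i + 1]), i + 2
    if c == "[":                        # character class with optional a-z ranges
        end = pat.index("]", i)
        body, chars, j = pat[i + 1:end], "", 0
        while j < len(body):
            if j + 2 < len(body) and body[j + 1] == "-":
                chars += "".join(chr(x) for x in range(ord(body[j]), ord(body[j + 2]) + 1))
                j += 3
            else:
                chars += body[j]
                j += 1
        return chars, end + 1
    return c, i + 1                     # plain literal

def _repeat(pat, i, rng):
    """Return (repeat count, next index) for an optional quantifier at pat[i]."""
    if i < len(pat) and pat[i] in "?*+":
        return rng.randint(*{"?": (0, 1), "*": (0, 4), "+": (1, 4)}[pat[i]]), i + 1
    if i < len(pat) and pat[i] == "{":
        end = pat.index("}", i)
        lo, _, hi = pat[i + 1:end].partition(",")
        return rng.randint(int(lo), int(hi or lo)), end + 1
    return 1, i

def generate_banner(pattern, rng=random):
    """Build one concrete banner that the signature regex would match."""
    out, i = [], 0
    while i < len(pattern):
        chars, i = _atom(pattern, i)
        count, i = _repeat(pattern, i, rng)
        out.extend(rng.choice(chars) for _ in range(count))
    return "".join(out)
```

Because each banner is drawn from the pattern rather than stored, repeated probes of the same port can see different version strings that all still satisfy the same signature.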
