mirror of
https://github.com/drk1wi/portspoof.git
synced 2024-06-28 09:41:36 +00:00
v.1.1
This commit is contained in:
parent
92c155d003
commit
08eeffa3de
@ -1,3 +1,9 @@
|
||||
1.1 - 1/01/2014 - Linux
|
||||
* Minor release.
|
||||
* Updated reverse regular expression generation engine (used for generting bogus service signatures).
|
||||
* Over 9000 service signatures in the portspoof_signatures file.
|
||||
* Better memory management.
|
||||
|
||||
1.0 - 01/08/2013 - Linux
|
||||
* Major release.
|
||||
* Ported to C++.
|
||||
|
22
README
22
README
@ -2,26 +2,36 @@ Portspoof software overview
|
||||
|
||||
Short description:
|
||||
|
||||
*Art of annoyance*
|
||||
*Art of Annoyance*
|
||||
|
||||
The Portspoof program primary goal is to enhance OS security through a new service emulation technique that renders all standard port scanning results useless.
|
||||
The Portspoof program primary goal is to enhance OS security, through:
|
||||
- simulating open ports, thus it is diffucult to determine if a valid software is listening on a particular port (check out the screenshot)
|
||||
- emulating bogus services on all open ports by sending valid service signatures to your offenders scanning software.
|
||||
|
||||
As a result:
|
||||
- half-open port scans are no longer deterministic and one has to service probe all ports
|
||||
- service probes always return a valid service
|
||||
- port scanners end up with 65535 valid signatures to analyze
|
||||
|
||||
*Art of Active (Offensive) Defense*
|
||||
|
||||
Portspoof can be used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. In practice this usually means exploiting your attackers' tools and exploits. This approach is purely based on Active (Offensive) Defense concepts.
|
||||
Portspoof can be used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine.
|
||||
In practice this usually means exploiting your attackers' tools and exploits. This approach is purely based on Active (Offensive) Defense concepts.
|
||||
|
||||
|
||||
It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.
|
||||
*General*
|
||||
|
||||
Porsoof is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.
|
||||
The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret,
|
||||
thus making the attack reconnaissance phase a challenging and bothersome task.
|
||||
|
||||
The most important features that Portspoof has:
|
||||
|
||||
- Portspoof is a userland software and does not require root privileges !
|
||||
- Binds to just one tcp port per a running instance
|
||||
- Binds to just one tcp port per a running instance (no bind per every open port!)
|
||||
- Easily customizable through iptables rules
|
||||
- Marginal CPU/memory usage (multithreaded)
|
||||
- More than 8000 dynamic service signatures are supported !
|
||||
- More than 9000 dynamic service signatures are supported !
|
||||
- Will help you to automate your Active Defense attacks against your attackers tools and scripts
|
||||
|
||||
http://portspoof.org/
|
||||
|
13
README.md
13
README.md
@ -4,10 +4,15 @@
|
||||
|
||||
### Short description:
|
||||
|
||||
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports.
|
||||
It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.
|
||||
The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.
|
||||
|
||||
The Portspoof program primary goal is to enhance OS security, through:
|
||||
- simulating open ports, thus it is diffucult to determine if a valid software is listening on a particular port (check out the screenshot)
|
||||
- emulating bogus services on all open ports by sending valid service signatures to your offenders scanning software.
|
||||
|
||||
As a result:
|
||||
- half-open port scans are no longer deterministic and one has to service probe all ports
|
||||
- service probes always return a valid service
|
||||
- port scanners end up with 65535 valid signatures to analyze
|
||||
|
||||
###General benefits of using this software are:
|
||||
* Protection against well known port scanners (all scanning results are chaotic and difficult to interpret)
|
||||
* Possibility to use your current firewall rules to decide for which hosts "port spoofing" applies
|
||||
|
Loading…
Reference in New Issue
Block a user