From 08eeffa3de6901b7b8f957a8c1bef827bd6313d2 Mon Sep 17 00:00:00 2001 From: Piotr Duszynski Date: Tue, 31 Dec 2013 14:43:29 +0100 Subject: [PATCH] v.1.1 --- ChangeLog | 6 ++++++ README | 22 ++++++++++++++++------ README.md | 13 +++++++++---- 3 files changed, 31 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 447f7fb..0cce068 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +1.1 - 1/01/2014 - Linux +* Minor release. +* Updated reverse regular expression generation engine (used for generting bogus service signatures). +* Over 9000 service signatures in the portspoof_signatures file. +* Better memory management. + 1.0 - 01/08/2013 - Linux * Major release. * Ported to C++. diff --git a/README b/README index aaad698..e5e9ba5 100644 --- a/README +++ b/README 
@@ -2,26 +2,36 @@ Portspoof software overview Short description: - *Art of annoyance* + *Art of Annoyance* - The Portspoof program primary goal is to enhance OS security through a new service emulation technique that renders all standard port scanning results useless. + The Portspoof program primary goal is to enhance OS security, through: + - simulating open ports, thus it is diffucult to determine if a valid software is listening on a particular port (check out the screenshot) + - emulating bogus services on all open ports by sending valid service signatures to your offenders scanning software. + + As a result: + - half-open port scans are no longer deterministic and one has to service probe all ports + - service probes always return a valid service + - port scanners end up with 65535 valid signatures to analyze *Art of Active (Offensive) Defense* - Portspoof can be used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. In practice this usually means exploiting your attackers' tools and exploits. This approach is purely based on Active (Offensive) Defense concepts. + Portspoof can be used as an 'Exploitation Framework Frontend', that turns your system into responsive and aggressive machine. + In practice this usually means exploiting your attackers' tools and exploits. This approach is purely based on Active (Offensive) Defense concepts. - It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure. + *General* + + Porsoof is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure. The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task. 
The most important features that Portspoof has: - Portspoof is a userland software and does not require root privileges ! - - Binds to just one tcp port per a running instance + - Binds to just one tcp port per a running instance (no bind per every open port!) - Easily customizable through iptables rules - Marginal CPU/memory usage (multithreaded) - - More than 8000 dynamic service signatures are supported ! + - More than 9000 dynamic service signatures are supported ! - Will help you to automate your Active Defense attacks against your attackers tools and scripts http://portspoof.org/ diff --git a/README.md b/README.md index e0de6b4..00474f7 100644 --- a/README.md +++ b/README.md 
@@ -4,10 +4,15 @@ ### Short description: -The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. -It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure. -The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task. - +The Portspoof program primary goal is to enhance OS security, through: + - simulating open ports, thus it is diffucult to determine if a valid software is listening on a particular port (check out the screenshot) + - emulating bogus services on all open ports by sending valid service signatures to your offenders scanning software. + + As a result: + - half-open port scans are no longer deterministic and one has to service probe all ports + - service probes always return a valid service + - port scanners end up with 65535 valid signatures to analyze + ###General benefits of using this software are: * Protection against well known port scanners (all scanning results are chaotic and difficult to interpret) * Possibility to use your current firewall rules to decide for which hosts "port spoofing" applies
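Review bot: In the ChangeLog hunk, the new 1.1 entry misspells "generating" as "generting", and its date "1/01/2014" is not zero-padded like the existing "01/08/2013" entry. The date is also later than the commit's own Date header (31 Dec 2013), so it is worth confirming that it is the intended release date. Suggest "1.1 - 01/01/2014 - Linux" and correcting the typo.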
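Review bot: In the README hunk, the added "*General*" paragraph opens with "Porsoof", a misspelling of the program name, and the first new bullet has "diffucult" for "difficult". The same bullet says "(check out the screenshot)", but nothing in this plain-text file says where the screenshot is; give its location or drop the parenthetical. The new claim "port scanners end up with 65535 valid signatures to analyze" sits next to a feature list saying the program "Binds to just one tcp port per a running instance" and is "Easily customizable through iptables rules", so a sentence stating which rules are needed for every port to answer would make the claim verifiable for a reader.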
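Review bot: In the README.md hunk, the replacement text removes the sentences describing the tool as "a lightweight, fast, portable and secure addition" and the goal of making the port scanning process slow and hard to interpret, while the README hunk keeps both under its new "*General*" heading, so the two files now diverge. Consider carrying that paragraph over to README.md as well. The "diffucult" typo is repeated in the first added bullet, and "(check out the screenshot)" has no link or image next to it in the added lines; since this is the Markdown file, the reference could point at the screenshot directly.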