If a paranoid system administrator has blocked SSH access from Linux hosts to your office’s network — using the OpenBSD packet filter’s passive OS fingerprinting — and you find yourself without access to the office’s mail server, you might want to make your Linux workstation’s TCP stack look like something else by changing the TTL, for example:

    echo 128 > /proc/sys/net/ipv4/ip_default_ttl

The road to this hack is quite easy, anyway:
1. install OpenBSD in a virtual machine;
2. look hard at /etc/pf.os and look for possibly useful differences;
3. see that Linux uses a TTL of 64 while Windows XP uses 128;
4. profit!
Item 1 was needed because I couldn’t find a copy of /etc/pf.os quickly, so I figured that it’d take less time to just install OpenBSD.
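
For anyone maintaining such a rule, the sketch below shows why an OS-fingerprint denylist is not an access control: every field it matches on is set by the client, and a SYN that matches no signature falls through the block rule. It is an added example, not code from this post or from pf; the two signatures are constructed in the pf.os field layout, the matching is a simplified model, and `MAX_HOPS`, `classify` and `blocked` are hypothetical names.

```python
from dataclasses import dataclass

# Constructed sample entries in the pf.os field layout:
# window:ttl:df:size:options:class:version:subtype:description
SIGNATURES = """
S4:64:1:60:M*,S,T,N,W0:Linux:2.6::constructed Linux-like entry
65535:128:1:48:M*,N,N,S:Windows:XP::constructed Windows-like entry
"""

MAX_HOPS = 40  # assumption: tolerated TTL decrements between client and filter


@dataclass(frozen=True)
class Sig:
    window: str
    ttl: int       # initial TTL the OS is expected to send
    df: str
    size: str
    options: str
    os_class: str


def parse(text):
    """Parse pf.os-style lines, skipping blanks and '#' comments."""
    sigs = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            f = line.split(":")
            sigs.append(Sig(f[0], int(f[1]), f[2], f[3], f[4], f[5]))
    return sigs


def classify(sigs, window, ttl, df, size, options):
    """Return the class of the first matching signature, else 'unknown'.
    Simplification: window and options are compared as literal strings."""
    for s in sigs:
        shape = (s.window, s.df, s.size, s.options) == (window, df, size, options)
        # Observed TTL must not exceed the initial TTL, and be within MAX_HOPS of it.
        if shape and 0 <= s.ttl - ttl <= MAX_HOPS:
            return s.os_class
    return "unknown"


def blocked(os_class, denied=("Linux",)):
    """Denylist rule: drop only when the guessed class is listed (fails open)."""
    return os_class in denied


SIGS = parse(SIGNATURES)
# Constructed observation: a Linux-shaped SYN; only the TTL varies below.
LINUX_SYN = dict(window="S4", df="1", size="60", options="M*,S,T,N,W0")
```

With an observed TTL of 60 the SYN is classified as Linux and dropped; with 124 (an initial 128 after four hops) the same SYN is classified as unknown and the denylist lets it through, so the rule should be treated as a noise filter in front of real authentication.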