hi guys
Time To Live allows the identification of the operating system, most Linux defaults to 64
this allows an attacker to identify the Linux version . when using analysis tools you can
send non-existent TTL requests .
Modification kernel/incluide/uapi/linux/ip.h
#define IPVERSION 4
#define MAXTTL 255
#define IPDEFTTL 64
The value can be modified to different operating systems
64 – Linux/MAC OSX systems
128 – Windows systems
255 – Network devices
Modify this line to prevent Linux from being detected by TTL.
#define IPDEFTTL 222
you can do a script every 3 minutes change the TTL
echo 111 > /proc/sys/net/ipv4/ip_default_ttl
echo 58 > /proc/sys/net/ipv4/ip_default_ttl
echo 71 > /proc/sys/net/ipv4/ip_default_ttl
etc ..
This script will continuously protect TTL responses