Portspoof : Service Signature Obfuscator
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. The general goal of the program is to make the port scanning process very slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.
Portspoof features:
* Fast: Multithreaded (by default 10 threads handle new incoming connections).
* Lightweight: Requires small amount of system resources.
* Portable: runs on BSD/Linux (support for OSX/Windows will be added).
* Flexible: You can easily use your firewall rules to define ports that are going to be spoofed.
* Effective against popular port scanners
* By default, portspoof will bind only to one port – 4444 on all interfaces and is extremely CPU friendly. So, after running this program and scanning it with Nmap, you will find that though not many ports are open in reality, a lot of false open ports will be detected.
