OSFuscation allows for obfuscating your systems Operating System from active and passive fingerprinting. This is achieved by modifying the network packages according to the Operating System you want to impersonate.

OSFuscation can impersonate any Operating System, allowing for example your Linux host look like a mobile device.

• Obfuscate your Operating System from active and passive fingerprinting techniques.
• Completely transparent to any process running on the host.
• Dynamically enable and disable the obfuscating and the impersonated Operating System via an API.
• Overview of all obfuscated interfaces and the applied OS profiles.
• Packet statistics per interface.
• Works on any IPv4 and IPv6 network traffic.
• Runs on Linux x86/x64 or ARM architecture. Other operating systems on request.
• Works with p0f v3 and nmap.

Method

OSFuscation intercepts all outgoing network traffic using nfqueues (netfilter queues), applies the network package profile of the chosen operating system and releases traffic back into the network.

The system is stateless which allows scaling to multiple netfilter queues and allows for concurrent processing of the packages.

The netfilter queue system does have a small overhead from queueing the packages, time until the package is picked up, processed and then being released to the network. This overhead is system dependent and varies based on the configuration of the queues and the amount of traffic leaving the system.

For high volume and low latency obfuscation, we are able to offer an experimental implementation utilizing eXpress Data Path (XDA) sockets.

Pricing

We use a predictable license model that grows with your demand.

• Flexible license system based on usage.
• Optional volume license safeguarding your usage.

Contact info@rist.dev for more details and alternative pricing models.