Using commercial tools to secure your network is recommended, but it is necessary to be one step further to keep the system secure. With this technique you can give that step in order defend your servers against the first phase of all attacks Fingerprinting. This is done by intercepting all traffic that your box is sending in order to camouflage and modify in real time the flags in TCP/IP packets that discover your system.
This tool is a practical approach for detecting and defeating:
- Active remote OS fingerprinting: like Nmap or Xprobe
- Passive remote OS fingeprinting: like p0f or pfsense
The tool was presented at Black Hat USA 2013 (Arsenal) (more info in this blog post) but is no longer under development.
You should take a look at OSfooler-NG, a new version completely rewriten from the ground up, being highly portable, more efficient and combining all known techniques to detect and defeat OS fingerprinting at the same time.