Source: http://portspoof.duszynski.eu/
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.
The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.
Here is an example nmap scan result against system running portspoof:
– default scan took about 800s (instead of 20s)
– CPU usage was at 0,5%
– memory usage was at 0,5%
– only one legitimate service is running on port in range of 1-65535
Check portspoof in action (Live demo – will sometimes hang due to dev. process ):
nmap -sV 54.247.124.68