Use the ping command to determine the host's operating system by returning a TTL value. If the TTL value is 128, the target host's operating system can be considered Windows nt/2000, and if the TTL value is 32, the target host operating system is considered to be Windows 95/98, and if the TTL value is 255/64, it is considered to be a Unix operating system. Intruders like to use the ping command, since they believe the TTL value reflects the results, then we can modify the TTL value to deceive the intruder.
Open the Notepad file and write the batch file command:
Copy Code code as follows:
@echo Regedit4>>changettl.reg
@echo. >>changettl.reg
@echo [Hkey_local_machine\system\current_controlset\services\tcpip\parameters]>>changettl.reg
@echo "DefaultTTL" =dword: "000000" >>changettl.reg
@regedit/S/C Changettl.reg
Save the prepared program as a batch file with the extension "bat", and then double-click the file, at which point the TTL value of the operating system is modified to "FF", or 10 to 255, which means that your operating system is artificially "transformed" into a UNIX system. The batch file generates a registry file named "Changettl.reg" in the directory where the file is located, and if you want to run out of this batch file without producing the file, you can add "deltree/y Changettl.reg" on the last line of the batch command. This eliminates the need to confirm that the Changettl.reg file is automatically deleted.