This is a brief whitepaper that discusses using portspoof as an active defense against port scanning.
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure. The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task....
Additional Information:
Source: http://dl.packetstormsecurity.net/papers/general/portspoof.pdf
