If you want to disable detection of OS version during Nmap scans

1. Edit the sysctl.conf file

 

vi /etc/sysctl.conf

 

2. Add the following entry at the end of the file

 

net.ipv4.ip_default_ttl = 199

 

save and exist.

 

3. Run the following command to reload the sysctl configuration

 

/sbin/sysctl -p

 

4. You can now check the result by running an online nmap test here

 

https://pentest-tools.com/network-vulnerability-scanning/tcp-port-scanner-online-nmap