I found your entry interesting thus I’ve added a Trackback to it on my weblog …

the main health and beauty secrets…

I think comparing verizon.com to the logged in user experience is apples to oranges. My problems only happen after I log in to “My Verizon”.

From what I understand, there are 2 forms of OS fingerprinting, Passive and Active. Passive, what would be used in this case, basically uses information it gleans from the IP and TCP headers in the packets it receives. Stuff like TCP sequence numbers and flags. There is also active OS fingerprinting, which involves sending strange packets to a host, to see what it returns. See my blog post, http://glimpseintoentropy.blogspot.com/2009/10/iptables-stealth-scan-detection.html – it briefly discusses scans that send TCP packets with malformed flags. The scans work off of what data is returned by the OS. My post discusses making the linux firewall, iptables, reply or not, based on what you want the scan to reveal.

Now, if you’re using a hardcore firewall, like OpenBSD’s PF, then it can take care of most of this for you. pfSense is a great firewall package, that has the power of pf and FreeBSD, with the simplicity and web-interface of a standard home router. This firewall can block all OS fingerprinting, both active and passive, as well as stop SYN flood DOS attacks in their tracks.

Intentional or not:
Well, this may be a moot point, since it works fine for me. I’d guess it’s unintentional – probably a network engineer thinking they’ve found a clever way to block some sort of attack. You may want to run wireshark on one of your sessions with Verizon.com and see what it reveals.

Try your VM in bridged mode and tell me what happens.