grsecurity forums

im not sure is grsec related, but...

can I spoof/mask/deny os fingerprinting? everyone can detect my os and kernel.

Have you tried fingerprinting your pc?
Most of the fingerprinting tools (kiddie level) gather all information the several services give at the most common ports. But that is not grsec-related, it is basic system management.
I assume you don't mean protecting against fingerprinting by people who are logged in.

Perhaps you could tell when you see the kernelversion displayed?

There're ways to set obscure defauls like different TTLs or something to make (Nmap) OS fingerprinting harder. However the sophistication of the tools, speaking of p0f or active fingerprinting like in Nmap and other scanners, is not kiddy-level. I don't see many reasons in general to hide system's OSes. First of all you will not be able to archive that in a way that really hides your (potentially) vulnerable entry-points. But furthermore you waste a hell lot of time better used to patch that stuff ;).