Hmmm... interesting. I'm interested to find out how the program (located at the destination IP) changes the hops before the destination? It doesn't make sense to me. Can anyone enlighten me?

Edit: I'm refering to the "fakeroute" link posted.

Along the lines of the original post (and I'm sure this is stated somewhere is the linked stories, but I haven't read them yet)...

If you do decide to spoof the responses and make a mapping program think you are a different type of machine than you really are, you REALLY have to stay on top of it. I just read Network Intrusion Detection 3rd Edition (Northcutt & Novak) in which they discuss this and the fact that often times upgrades will overwrite your response modifications and your machine could potentially send an identifying response.... all they need is one! If you've got the time to make sure you cover all the bases and spoof ALL responses, go for it!

Just thought I'd say that since I just finished reading about it.