RE: : hiding OS name
From: Jeremy Suo-Anttila (jps@funeralexchange.com)
Date: 07/09/02
- Next message: Alex: "Re[2]: : hiding OS name"
- Previous message: B.K. DeLong: "Black Hat Briefings Keynotes Include NSA Director and Special Advis. to Bush"
- In reply to: Alex: "Re[2]: hiding OS name"
- Next in thread: Alex: "Re[2]: : hiding OS name"
- Reply: Alex: "Re[2]: : hiding OS name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jeremy Suo-Anttila" <jps@funeralexchange.com> To: "Alex" <freebsd-reply@akruijff.dds.nl> Date: Tue, 9 Jul 2002 10:52:43 -0500
Just because the firewall is OpenBSD do NOT make it anymore secure then a
well tuned and hardened FreeBSD box. The box is only as secure as the
administrator maintaining it.
One way to hide your OS i can see after you have found a way to hide it from
all the services you run on the servers would be to place as bridged
ipf/ipfw firewall in front of them all and then run a black hole on it and
drop all spoofed packets along with a half dozen other known types of scans.
This way if your firewall is scanned the packets will be silently dropped to
the floor and left for dead and the machines behind it should not have ever
been touched by it. Also one final note the FreeBSD packet switching fairies
work much faster for less pay and they are also very easily annoyed.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/funnies.html
Thanks
Jeremy Suo-Anttila
jps@funeralexchange.com
Sent: Tuesday, July 09, 2002 8:52 AM
Cc: security@FreeBSD.ORG
Subject: Re[2]: hiding OS name
Hello/Beste Philip,
Tuesday, July 09, 2002, 1:18:08 AM, you wrote:
>> Date: Sun, 7 Jul 2002 21:29:42 -0700
>> From: Nathan Kinkade <nkinkade@dsl-only.com>
>>
>> On Mon, 8 Jul 2002 09:32:09 +0700
>> "Asep Ruspeni" <ruspeni@mti.itb.ac.id> wrote:
>>
>> > I am newbie in FreeBSD OS, but i have lot of concerned in securing
>> > system.
>> >
>> > I have questions like this :
>> >
>> > - how can i set-up FreeBSD, so when it being scanned, it's show no
>> > operating system name + version.
>> > - is there any articles i colud read about securing freeBSD such as
>> > the question i ask above.
>> >
>> > thank you in advance.
>>
>> What you are looking for is not really a function of FreeBSD, but rather
>> of the various servers you may be running on FreeBSD such as Apache,
>> FTP, Sendmail, and so on. If it's going to happen it will probably be
>> something that you configure the daemon to do, however I don't know
>> which allow you to do something similar other than wu-ftpd, although I'd
>> guess there are others. Network scanning utilities - I'm thinking of
>> nmap in particular - allow you to scan a host(s) and attempt to
>> determine the OS/version based on certain peculiarities in the
>> response(s). One way to help minimize the impact of this would be to
>> set the net.inet.tcp.blackhole and net.inet.udp.blackhole kernel
>> parameters using the sysctl utility. For more information on this
>> checkout the "blackhole(4)" manpage with `man 4 blackhole`.
>>
>> Nathan
PJK> Another option is to put the box behind a firewall. Very often if
PJK> something like nmap is looking for peculiarities in the IP stack
PJK> implementation to ascertain what OS is on a box, if there is a
PJK> firewall in front of it it will be id'ing the firewall's IP
PJK> implementation rather than the target host's.
You can have openBSD on that system to look very very secure.
-- Best regards/Met vriendelijke groet, Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Alex: "Re[2]: : hiding OS name"
- Previous message: B.K. DeLong: "Black Hat Briefings Keynotes Include NSA Director and Special Advis. to Bush"
- In reply to: Alex: "Re[2]: hiding OS name"
- Next in thread: Alex: "Re[2]: : hiding OS name"
- Reply: Alex: "Re[2]: : hiding OS name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
