Re: how to change OS identification?
From: Stef (stefmit_at_comcast.net)
Date: 02/19/04
- Previous message: Phil Dyer: "RE: how to change OS identification?"
- In reply to: C. Ulrich: "Re: how to change OS identification?"
- Next in thread: Ben Nelson: "Re: how to change OS identification?"
Date: Wed, 18 Feb 2004 17:05:51 -0600
To: focus-linux@securityfocus.com
Try this:
http://www.citi.umich.edu/u/provos/honeyd/
perhaps combined with a VMWARE or UML within which to run your real
stuff, "bridged" through the honeyd ...
Stef
On Feb 18, 2004, at 1:44 AM, C. Ulrich wrote:
> On Tue, 2004-02-17 at 05:20, Monty Ree wrote:
>> Hello, all.
>>
>> I have operated linux server and I would like to change the OS
>> identification.
>> So using nmap, I would like to be seen Windows instead of linux for
>> security reason.
>>
>> I heard that ippersonality(http://ippersonality.sourceforge.net)
>> enable this.
>> But the development of the ippersonality seems to be stopped.
>>
>> Is there any other method to change the OS identification?
>>
>> Thanks in advance.
>
> Unless memory fails me, nmap detects the remote operating system by
> looking for slight variations in the responses that it gets from
> certain probes and other information coming back from the host. There
> is no string lying about somewhere in the packets that says, "Hi, I'm
> a Linux machine" for example. One would have to tweak almost every
> part of the networking code in order to make the packets appear that
> they're coming from some other particular operating system. If someone
> actually did this, the nmap authors could conceivably update their
> code to correct for the modifications in a later version, which then
> defeats the purpose of the modifications, which then creates a vicious
> circle that spirals out of control, causing earthquakes and
> eradicating whole hemispheres of the planet, ad infinitum, ad nauseam,
> etc.
>
> You can see that it would just be a huge mess that, frankly, nobody
> wants to deal with. For information on how nmap fingerprinting works,
> see:
>
> http://www.insecure.org/nmap/nmap-fingerprinting-article.html
>
> I'd guess that a good firewall and applying proper security procedures
> would go a lot further than trying to spoof your OS fingerprint.
>
> Charles Ulrich
>
> P.S. You want your server to appear to be running Windows instead of
> Linux for security reasons? You're an interesting character. :)
>
> --
> http://bityard.net
>
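The point made in the quoted reply, that the OS is inferred from header-level variations rather than from any identifying string, shown as an added example (not code from this thread, nmap or honeyd). It reads only a few response header fields, which is far less than nmap's probe set; the function names and both sample packets are constructed for illustration, and the option layouts and window values are illustrative rather than measured defaults.

```python
import struct

OPT_NAMES = {0: "EOL", 1: "NOP", 2: "MSS", 3: "WS", 4: "SACKOK", 8: "TS"}

def tcp_option_order(opts: bytes) -> list:
    """Return TCP option kinds in the order the stack emitted them."""
    order, i = [], 0
    while i < len(opts):
        kind = opts[i]
        order.append(OPT_NAMES.get(kind, str(kind)))
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # NOP: single byte, no length field
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                          # truncated or malformed option
        i += opts[i + 1]
    return order

def stack_features(pkt: bytes) -> dict:
    """Extract header fields that differ between TCP/IP implementations."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    tcp = pkt[(pkt[0] & 0x0F) * 4:]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    flags_frag, ttl = struct.unpack("!H", pkt[6:8])[0], pkt[8]
    # Stacks commonly start at 32, 64, 128 or 255; round up to guess the initial TTL.
    initial_ttl = next(t for t in (32, 64, 128, 255) if ttl <= t)
    return {"initial_ttl": initial_ttl, "df": bool(flags_frag & 0x4000),
            "window": struct.unpack("!H", tcp[14:16])[0],
            "options": tcp_option_order(tcp[20:(tcp[12] >> 4) * 4])}

def make_synack(ttl: int, df: bool, window: int, opts: bytes) -> bytes:
    """Build a constructed SYN-ACK header for the demo (checksums left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(opts), 0,
                     0x4000 if df else 0, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, 1, 2,
                      ((20 + len(opts)) // 4) << 4, 0x12, window, 0, 0)
    return ip + tcp + opts

# Constructed samples: two hosts answering the same probe, seen 7 hops away.
OPTS_A = bytes([2, 4, 5, 180, 4, 2, 8, 10]) + bytes(8) + bytes([1, 3, 3, 7])
OPTS_B = bytes([2, 4, 5, 180, 1, 3, 3, 8, 1, 1, 4, 2])
HOST_A = make_synack(57, True, 5792, OPTS_A)
HOST_B = make_synack(121, True, 65535, OPTS_B)
```

Calling `stack_features(HOST_A)` and `stack_features(HOST_B)` yields different TTL, window and option-order values for the same kind of reply, and every one of those fields would have to be rewritten consistently for a host to present another system's personality.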