RE: Preventing OS Detection
From: Sergey V. Gordeychik (gordey_at_infosec.ru)
Date: 02/24/04
- Previous message: KEVIN BLACK: "RE: Controlling Admin Access"
- Maybe in reply to: Paul Kurczaba: "Preventing OS Detection"
- Next in thread: Hernan Marcelo Racciatti: "RE: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 24 Feb 2004 09:02:58 +0300 To: "Paul Kurczaba" <paul@myipis.com>, <focus-ms@securityfocus.com>
You can try tools like antinmap, or just play with following parameters
of registry:
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpWindowSize
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultTTL
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultTOS
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\EnablePMTUBHDete
ct
I think that netcraft use similar to nmap technique, and this can
deceive it.
Don't forget to change Web server banners and error pages.
-----Original Message-----
From: Paul Kurczaba [mailto:paul@myipis.com]
Sent: Saturday, February 21, 2004 1:29 AM
To: focus-ms@securityfocus.com
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft
will
display my web servers OS, determined from the TCP/IP packet. Is there a
way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html in
paragraph titled "Netcraft is Watching", it briefly describes that
registry
changes can be made. Can someone please give me some specific registry
changes to prevent others from identifying my web servers OS?
Thanks,
Paul Kurczaba
------------------------------------------------------------------------
--- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219 ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219 ---------------------------------------------------------------------------
- Previous message: KEVIN BLACK: "RE: Controlling Admin Access"
- Maybe in reply to: Paul Kurczaba: "Preventing OS Detection"
- Next in thread: Hernan Marcelo Racciatti: "RE: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
