RE: Preventing OS Detection

From: Jimmy Sansi (jsansi_at_ritzfoodservice.com)
Date: 02/24/04

  • Next message: stu: "RE: Preventing OS Detection"
    Date: Mon, 23 Feb 2004 16:24:13 -0800
    To: "'Paul Kurczaba'" <paul@myipis.com>, <focus-ms@securityfocus.com>
    
    

    You should take a look at www.nmap.org and read the information on OS finger
    printing to get a good idea of whats going on with OS detection (although I
    am unaware of how Netcraft does it but assume its similar).

    The primary question is why do you wish to do this? My personal opinion is
    that security through obscurity doesn't work, or at best doesn't work for
    very long. Especially if you have someone determined/skilled enough to
    perform more then just a few automated scans of your Internet facing
    systems.

    -Jimmy

    -----Original Message-----
    From: Paul Kurczaba [mailto:paul@myipis.com]
    Sent: Monday, February 23, 2004 1:01 PM
    To: focus-ms@securityfocus.com
    Subject: Preventing OS Detection

    If I go to http://uptime.netcraft.com and enter my website, Netcraft will
    display my web servers OS, determined from the TCP/IP packet. Is there a way
    in the windows registry to prevent Netcraft (or anyone else) from
    identifying my OS? On the page http://www.webhostgear.com/36,1.html in
    paragraph titled "Netcraft is Watching", it briefly describes that registry
    changes can be made. Can someone please give me some specific registry
    changes to prevent others from identifying my web servers OS?

    Thanks,
    Paul Kurczaba

    ---------------------------------------------------------------------------
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.

    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.

    Download 30-day evaluation at:
    http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.

    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.

    Download 30-day evaluation at:
    http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
    ---------------------------------------------------------------------------


  • Next message: stu: "RE: Preventing OS Detection"