Re: Preventing OS Detection

• Previous message: stu: "RE: Preventing OS Detection"
• In reply to: Paul Kurczaba: "Preventing OS Detection"
• Next in thread: Kevin E. Casey: "RE: Preventing OS Detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 23 Feb 2004 21:47:55 -0500
To: focus-ms@securityfocus.com

Paul,

: If I go to http://uptime.netcraft.com and enter my website, Netcraft will
: display my web servers OS, determined from the TCP/IP packet. Is there a way
: in the windows registry to prevent Netcraft (or anyone else) from
: identifying my OS? On the page http://www.webhostgear.com/36,1.html in
: paragraph titled "Netcraft is Watching", it briefly describes that registry
: changes can be made. Can someone please give me some specific registry
: changes to prevent others from identifying my web servers OS?
:

The OS fingerprinting Netcraft and Nmap use is done by looking at the
particular way the OS responds to specially crafted IP packets. This
is generally a kernel level action. There is an article linked from
root prompt (http://www.rootprompt.org/) entitled "A Practical
Approach for Defeating Nmap OS-Fingerprinting". It is a *nix based
discussion, but will give you information and links on OS
Fingerprinting and what to do to throw it off.

HTH

-- 
Andy Murren
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that 
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN 
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219 
---------------------------------------------------------------------------

• Previous message: stu: "RE: Preventing OS Detection"
• In reply to: Paul Kurczaba: "Preventing OS Detection"
• Next in thread: Kevin E. Casey: "RE: Preventing OS Detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Preventing OS Detection ... If I go to http://uptime.netcraft.com and enter my website, ... display my web servers OS, ... it briefly describes that registry ... Astaro Security Linux -- firewall with Spam/Virus Protection ... (Security-Basics) Preventing OS Detection ... If I go to http://uptime.netcraft.com and enter my website, ... display my web servers OS, ... it briefly describes that registry ... Astaro Security Linux -- firewall with Spam/Virus Protection ... (Focus-Microsoft) Re: [fw-wiz] Security Audit and Priorities ... On Sat, 12 Jul 2003, Paul Ammann wrote: ... What is the best way to block Netcraft from obtain all this information. ... Don't put Web servers on the Internet. ... > best method for doing a security audit? ... (Firewall-Wizards) Re: [fw-wiz] Security Audit and Priorities ... > everything about their web servers. ... > other security areas. ... What is the best way to block Netcraft from obtain all this information. ... > Are there Open Source solutions that would be better than commercial ... (Firewall-Wizards) Re: Preventing OS Detection ... > Subject: Preventing OS Detection ... > display my web servers OS, ... > in the windows registry to prevent Netcraft from ... (Security-Basics)