FW: Preventing OS Detection

From: Infosecnyc (admin_at_infosecnyc.com)
Date: 02/25/04

  • Next message: Tony Moran: "Re: Preventing OS Detection"
    To: "'Kevin E. Casey'" <kcasey@nanoweb.com>, "'Paul Kurczaba'" <paul@myipis.com>, <focus-ms@securityfocus.com>
    Date: Tue, 24 Feb 2004 18:49:12 -0500
    
    

    Kevin:

    URLScan will deny Web Server banner requests only, not OS detection.

    NSA.gov have refuse both banner requests & OS detection,
    at onetime in the past as you can see on the netcraft lookup.

    *** Just using them as an example, no need to send helicopters over my house

    Windows 2000 unknown 19-May-2003 *.213.217.241 [blocking banner requests]

    unknown unknown 25-Aug-2002 *.213.217.241 [blocking os detection & banner
    requests]

    Solaris unknown 13-Aug-2002 *.47.125.33 [blocking banner request]

    Solaris Apache/1.3.11 (Unix) 7-Aug-2002 *.47.125.33

    Windows 2000 unknown 6-Aug-2002 *.213.217.241 [blocking banner requests]

    Solaris Apache/1.3.11 (Unix) 30-Jul-2002 *.47.125.33

    unknown unknown 29-Jul-2002 *.213.217.241 [blocking os detection & banner
    requests]

    Solaris Apache/1.3.11 (Unix) 24-Oct-2001 *.47.125.33 unknown
    *****************************************************************
    -
    But there is 100 other ways to detect an OS.

    So whats the point really.

    FLUID

    -----Original Message-----
    From: Kevin E. Casey [mailto:kcasey@nanoweb.com]
    Sent: Monday, February 23, 2004 3:54 PM
    To: Paul Kurczaba; focus-ms@securityfocus.com
    Subject: RE: Preventing OS Detection

    If you are running Microsoft IIS, install URLScan and read the instructions.

    -----Original Message-----
    From: Paul Kurczaba [mailto:paul@myipis.com]
    Sent: Friday, February 20, 2004 5:29 PM
    To: focus-ms@securityfocus.com
    Subject: Preventing OS Detection

    If I go to http://uptime.netcraft.com and enter my website, Netcraft will
    display my web servers OS, determined from the TCP/IP packet. Is there a way
    in the windows registry to prevent Netcraft (or anyone else) from
    identifying my OS? On the page http://www.webhostgear.com/36,1.html
    in paragraph titled "Netcraft is Watching", it briefly describes that
    registry changes can be made. Can someone please give me some specific
    registry changes to prevent others from identifying my web servers OS?

    Thanks,
    Paul Kurczaba

    ------------------------------------------------------------------------

    ---
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.
    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.
    Download 30-day evaluation at:
    http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.
    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.
    Download 30-day evaluation at:
    http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Tony Moran: "Re: Preventing OS Detection"