FW: Preventing OS Detection
From: Infosecnyc (admin_at_infosecnyc.com)
Date: 02/25/04
- Previous message: Marc Fossi: "Administrivia: Virus in email"
- Maybe in reply to: Paul Kurczaba: "Preventing OS Detection"
- Next in thread: Tony Moran: "Re: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Kevin E. Casey'" <kcasey@nanoweb.com>, "'Paul Kurczaba'" <paul@myipis.com>, <focus-ms@securityfocus.com> Date: Tue, 24 Feb 2004 18:49:12 -0500
Kevin:
URLScan will deny Web Server banner requests only, not OS detection.
NSA.gov have refuse both banner requests & OS detection,
at onetime in the past as you can see on the netcraft lookup.
*** Just using them as an example, no need to send helicopters over my house
Windows 2000 unknown 19-May-2003 *.213.217.241 [blocking banner requests]
unknown unknown 25-Aug-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris unknown 13-Aug-2002 *.47.125.33 [blocking banner request]
Solaris Apache/1.3.11 (Unix) 7-Aug-2002 *.47.125.33
Windows 2000 unknown 6-Aug-2002 *.213.217.241 [blocking banner requests]
Solaris Apache/1.3.11 (Unix) 30-Jul-2002 *.47.125.33
unknown unknown 29-Jul-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris Apache/1.3.11 (Unix) 24-Oct-2001 *.47.125.33 unknown
*****************************************************************
-
But there is 100 other ways to detect an OS.
So whats the point really.
FLUID
-----Original Message-----
From: Kevin E. Casey [mailto:kcasey@nanoweb.com]
Sent: Monday, February 23, 2004 3:54 PM
To: Paul Kurczaba; focus-ms@securityfocus.com
Subject: RE: Preventing OS Detection
If you are running Microsoft IIS, install URLScan and read the instructions.
-----Original Message-----
From: Paul Kurczaba [mailto:paul@myipis.com]
Sent: Friday, February 20, 2004 5:29 PM
To: focus-ms@securityfocus.com
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html
in paragraph titled "Netcraft is Watching", it briefly describes that
registry changes can be made. Can someone please give me some specific
registry changes to prevent others from identifying my web servers OS?
Thanks,
Paul Kurczaba
------------------------------------------------------------------------
--- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219 ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219 --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Marc Fossi: "Administrivia: Virus in email"
- Maybe in reply to: Paul Kurczaba: "Preventing OS Detection"
- Next in thread: Tony Moran: "Re: Preventing OS Detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
