Re: [OSFP] a solution against 'xprobe2' and 'nmap -O' ??
From: Stachu 'Dozzie' K. (dozzie_at_dynamit.im.pwr.wroc.pl.nospam)
Date: 05/24/05
- Next message: Menno Duursma: "Re: ssh: access with passwords for group A, with keys only for group B?"
- Previous message: Jack Masters: "Re: Reset root password"
- In reply to: jayjwa: "Re: [OSFP] a solution against 'xprobe2' and 'nmap -O' ??"
- Next in thread: c0ntex: "Re: a solution against 'xprobe2' and 'nmap -O' ??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 24 May 2005 08:56:00 +0000 (UTC)
On 24.05.2005, jayjwa <jayjwa@nowhere.org> wrote:
> On 2005-05-23, Amine Elleuch wrote:
>
>> I'm looking for a solution that can make impossible to a hacker to get
>> the OS version of my servers by FringerPrinting (using for example 'nmap
>> -O' or 'xprobe2').
>
> It's not so much the OS version they are after, but the versions of the
> applications that sit listening on various ports. Who cares if it's running
> Fedora Core something-or-another, if it's running Proftpd 1.2.9 or an older
> b0rked version of Openssl is advertising itself in everything it's linked
> against?
This can be very useful information since different compilations of the
same code or even running the same binary under different kernels can
put the same variables at different addresses in memory, which makes
writing exploits harder.
-- Feel free to correct my English Stanislaw Klekot
- Next message: Menno Duursma: "Re: ssh: access with passwords for group A, with keys only for group B?"
- Previous message: Jack Masters: "Re: Reset root password"
- In reply to: jayjwa: "Re: [OSFP] a solution against 'xprobe2' and 'nmap -O' ??"
- Next in thread: c0ntex: "Re: a solution against 'xprobe2' and 'nmap -O' ??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
