Re: [OSFP] a solution against 'xprobe2' and 'nmap -O' ??

From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 05/24/05 

Date: Mon, 23 May 2005 20:32:06 -0400

Simple. Just use a firewall. Such fingerprinting of NMAP requires certain
ports respond to various packet probes.

Note that hiding your OS from such a scan does very little to help your
security. Most attackers don't bother to check before they attack.

An attacker on or near your local network may be able to guess your OS
passively just by sniffing your network traffic, but again a firewall could
help here. But when you browse the Internet, your web browser usually
announces what OS it's on with every request, and again someone could
possibly detect that.

I would probably ignore such probes, since they are probably not skilled
attackers.

"Amine Elleuch" <amine.elleuch@gmail.com> wrote in message
news:1116882997.462673.247810@g43g2000cwa.googlegroups.com...
> Hi there,
>
> I'm looking for a solution that can make impossible to a hacker to get
> the OS version of my servers by FringerPrinting (using for example
> 'nmap -O' or 'xprobe2'). Anyone who knows an efficient mean ??
>
> I heared about IP personnality for Linux, an equivalent for windows ?
> There are some tools designed for windows ?
>
> Thanks in advance,
>
> Amine
>

Quantcast