RE: Preventing OS Detection

["dave kleiman" <dave () isecureu com>]

Paul,

Since you mentioned "registry changes" I am assuming you are talking about
an Windows OS.  You can easily hide the "server" info on a IIS system by
removing the server header.  I imagine since you seemed concerned with
security you are using UrlScan, in the urlscan.ini file change
RemoveServerHeader to =1 instead of =0.

But this only masks it for the type of request Netcraft is doing, it will
not stop a portscan or things of that nature from identifying your OS.


 
_____________________________________
Dave Kleiman, CISSP, CISM, CIFI, MCSE 
www.SecurityBreachResponse.com

"If Wile E. Coyote had enough money to buy all that Acme crap, why didn't he
just buy dinner?" S.W. 
 



-----Original Message-----
From: Paul Kurczaba [mailto:paul () myipis com] 
Sent: Friday, February 20, 2004 17:30
To: security-basics () securityfocus com
Subject: Preventing OS Detection


If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html in
paragraph titled "Netcraft is Watching", it briefly describes that registry
changes can be made. Can someone please give me some specific registry
changes to prevent others from identifying my web servers OS?

Thanks,
Paul Kurczaba





---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_security-basics_040219
----------------------------------------------------------------------------