Security Basics mailing list archives
RE: Preventing OS Detection
From: "Hagen, Eric" <ehagen () DenverNewspaperAgency com>
Date: Mon, 23 Feb 2004 12:01:42 -0700
It has to do with the core implimentation of the TCP/IP stack. I don't know of any simple registry edits that let you customize the behavior of the stack when confronted with targeted, odd or mis-shaped packets. There ARE kernels you can build in OSS systems that can fool these types of OS Fingerprinting and you can do some rudimentary work in fooling would-be port scanners by selectively opening and closing telltale ports if you can. Eric -----Original Message----- From: Paul Kurczaba [mailto:paul () myipis com] Sent: Friday, February 20, 2004 3:30 PM To: security-basics () securityfocus com Subject: Preventing OS Detection If I go to http://uptime.netcraft.com and enter my website, Netcraft will display my web servers OS, determined from the TCP/IP packet. Is there a way in the windows registry to prevent Netcraft (or anyone else) from identifying my OS? On the page http://www.webhostgear.com/36,1.html in paragraph titled "Netcraft is Watching", it briefly describes that registry changes can be made. Can someone please give me some specific registry changes to prevent others from identifying my web servers OS? Thanks, Paul Kurczaba --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_040219 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_040219 ----------------------------------------------------------------------------
Current thread:
- Preventing OS Detection Paul Kurczaba (Feb 20)
- RE: Preventing OS Detection dave kleiman (Feb 24)
- RE: Preventing OS Detection Tiago Halm (Feb 27)
- Re: Preventing OS Detection Vincent (Feb 24)
- RE: Preventing OS Detection Jim Laverty (Feb 25)
- RE: Preventing OS Detection Joey Peloquin (Feb 24)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- RE: Preventing OS Detection Joey Peloquin (Feb 27)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- <Possible follow-ups>
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- Re: Preventing OS Detection Naren (Feb 25)
- FW: Preventing OS Detection check (Feb 25)
- MS IIS Urlscan - Preventing OS Detection Tom Milliner (Feb 25)
- RE: Preventing OS Detection dave kleiman (Feb 24)