Penetration Testing mailing list archives
Re: Block OS Detection
From: "Jonathan Yu" <jonathan.i.yu () gmail com>
Date: Sat, 1 Sep 2007 09:12:32 -0400
Hi there, I am by no means an expert, but I believe that each TCP stack produces a "unique" signature. Each operating system's stack behaves a certain way and there are quirks based on the implementation, so I think that you will still be able to fingerprint the operating system based on those unless you do some sort of scrubbing (which would be pretty difficult). Perhaps replacing the entire stack with something used by a lot of people on different systems would give you the protection you require? Jonathan Yu On 9/1/07, Gadi Evron <ge () linuxbox org> wrote:
Not everything is good, but you can overwrite different packet values using.. a firewall for example. Just one thingie. On Fri, 31 Aug 2007, Attari Attari wrote:Hello All: Is there a PRACTICAL solution from PRODUCTION environments that can be used to block OS detection from tools like NMAP? I googled and read some notes but couldn't find a real world solution to blocking Windows & Linux OS detection. I'm quite sure I'll get the right inputs here. Thank you. Attari Unlimited freedom, unlimited storage. Get it now, on http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Re: Block OS Detection Gadi Evron (Sep 01)
- Re: Block OS Detection Jonathan Yu (Sep 01)
- RE: Block OS Detection Ofer Shezaf (Sep 04)
- RE: Block OS Detection Gadi Evron (Sep 04)
- RE: Block OS Detection Gadi Evron (Sep 04)
- RE: Block OS Detection Philippe Bogaerts (Sep 04)
- <Possible follow-ups>
- Re: Block OS Detection Dotzero (Sep 04)
- Block OS Detection Jon DeShirley (Sep 04)
- Re: Block OS Detection Joxean Koret (Sep 04)
- Re: Block OS Detection Robert E. Lee (Sep 05)
- Re: Block OS Detection Gadi Evron (Sep 05)
- Re: Block OS Detection sami seclist (Sep 04)
(Thread continues...)