Security Basics mailing list archives
RE: Preventing OS Detection
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Fri, 20 Feb 2004 17:33:54 -0600
If you decide to change your banners, just be conscious of the fact that this is a layer of obscurity, not security. Someone with skills will find out what you're running anyway. There are free tools to do this [1], as well as commercial tools [2]. If you search the registry for Server: Microsoft-IIS/5.0, you won't find it. So if it *is* in the registry, it's not in English. The only way I know of to change IIS banners is to modify the corresponding DLL with a hex editor [3]. For example, \winnt\system32\inetsrv\w3svc.dll for the web service. Finally, if any of this voids a warranty or service agreement; I didn't tell you how to do it. Good luck. Joey Peloquin [1] http://www.webattack.com/freeware/server/fwiis.html (I use several tools from this site; I don't know of any reason not to trust them - Search: Banner Edit Tool) [2] http://www.seoconsultants.com/windows/servers/servermask.asp [3] http://www.securiteam.com/securitynews/5RP0L1540K.html
-----Original Message----- From: Paul Kurczaba [mailto:paul () myipis com] Sent: Friday, February 20, 2004 4:30 PM To: security-basics () securityfocus com Subject: Preventing OS Detection If I go to http://uptime.netcraft.com and enter my website, Netcraft will display my web servers OS, determined from the TCP/IP packet. Is there a way in the windows registry to prevent Netcraft (or anyone else) from identifying my OS? On the page http://www.webhostgear.com/36,1.html in paragraph titled "Netcraft is Watching", it briefly describes that registry changes can be made. Can someone please give me some specific registry changes to prevent others from identifying my web servers OS? Thanks, Paul Kurczaba -------------------------------------------------------------- ------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_04
0219 ----------------------------------------------------------------------------
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader of this message is not the intended recipient, you are hereby notified that your access is unauthorized, and any review, dissemination, distribution or copying of this message including any attachments is strictly prohibited. If you are not the intended recipient, please contact the sender and delete the material from any computer.
--------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_040219 ----------------------------------------------------------------------------
Current thread:
- Preventing OS Detection Paul Kurczaba (Feb 20)
- RE: Preventing OS Detection dave kleiman (Feb 24)
- RE: Preventing OS Detection Tiago Halm (Feb 27)
- Re: Preventing OS Detection Vincent (Feb 24)
- RE: Preventing OS Detection Jim Laverty (Feb 25)
- RE: Preventing OS Detection Joey Peloquin (Feb 24)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- RE: Preventing OS Detection Joey Peloquin (Feb 27)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- <Possible follow-ups>
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- Re: Preventing OS Detection Naren (Feb 25)
- FW: Preventing OS Detection check (Feb 25)
- MS IIS Urlscan - Preventing OS Detection Tom Milliner (Feb 25)
- RE: Preventing OS Detection dave kleiman (Feb 24)