Penetration Testing mailing list archives
Re: Block OS Detection
From: Ivan Arce <ivan.arce () coresecurity com>
Date: Fri, 25 Jan 2008 15:42:28 -0200
OpenBSD's PF has been ported to Windows (pre-Vista) as part of a free firewall/endpoint security software. It is part of research work and in beta state (regular YMMV disclaimer) but I know it has been installed used on production servers for quite some time. The port of OpenBSD's PF provides a fully-featured and stable bidirectional statefull firewall that some found useful to have on windows systems.
http://force.coresecurity.com -ivan Arafat M. Bique wrote:
For Windows System and IIS is not quite easily to do that. I don't know if someone has a solution that isn't reverse proxy. Regards, Arafat M. Bique Network Infrastructure IT Department email:arafat.bique () bcifomento co mz Web:http://www.bcifomento.co.mz -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of John Brazel Sent: Wednesday, September 05, 2007 10:01 AM To: Attari Attari Cc: pen-test () securityfocus com Subject: Re: Block OS Detection OpenBSD's pf firewall has a 'scrub' option that allows normalisation of various TCP header fields, as well as fragment re-assembly and the like. J. On 8/31/07, Attari Attari <c70n3 () yahoo co in> wrote:Hello All: Is there a PRACTICAL solution from PRODUCTION environments that can be used to block OS detection from tools like NMAP? I googled and read some notes but couldn't find a real world solution to blocking Windows & Linux OS detection. I'm quite sure I'll get the right inputs here. Thank you. Attari Unlimited freedom, unlimited storage. Get it now, onhttp://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/------------------------------------------------------------------------This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
-- "Buy the ticket, take the ride" -HST Ivan Arce CTO CORE SECURITY TECHNOLOGIES http://www.coresecurity.com PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Re: Block OS Detection Ivan Arce (Jan 25)
- Re: Block OS Detection Danny Fullerton (Jan 28)