Penetration Testing mailing list archives

RE: Block OS Detection

From: Gadi Evron <ge () linuxbox org>
Date: Sun, 2 Sep 2007 16:07:38 -0500 (CDT)

Hmm, I'd just identify the reverse proxy, heck, it probably has morevulnerabilities in it than the web server.


It depends on how important it would be to me. Cost.

Then of course, different web servers respond differently/etc. AThis isimportant: A reverse proxy is far from the perfect solution, and at timesit can be negative.



On Sun, 2 Sep 2007, Ofer Shezaf wrote:

Reverse proxy? So at least for web servers you have a simple solution.
You might be able to reverse proxy few other protocols.

~ Ofer Shezaf

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Gadi Evron
Sent: Saturday, September 01, 2007 11:08 AM
To: Attari Attari
Cc: pen-test () securityfocus com; pen-test-return-
1078485025 () securityfocus com
Subject: Re: Block OS Detection

Not everything is good, but you can overwrite different packet values
using.. a firewall for example.

Just one thingie.

On Fri, 31 Aug 2007, Attari Attari wrote:

Hello All:

Is there a PRACTICAL solution from PRODUCTION
environments that can be used to block OS detection
from tools like NMAP? I googled and read some notes
but couldn't find a real world solution to blocking
Windows & Linux OS detection.

I'm quite sure I'll get the right inputs here.

Thank you.

Attari


     Unlimited freedom, unlimited storage. Get it now, on

http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/

---------------------------------------------------------------------

---

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

---------------------------------------------------------------------

---

-----------------------------------------------------------------------

-
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

-----------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Re: Block OS Detection Gadi Evron (Sep 01)
- Re: Block OS Detection Jonathan Yu (Sep 01)
- RE: Block OS Detection Ofer Shezaf (Sep 04)
  - RE: Block OS Detection Gadi Evron (Sep 04)
  - RE: Block OS Detection Gadi Evron (Sep 04)
    - RE: Block OS Detection Philippe Bogaerts (Sep 04)
- <Possible follow-ups>
- Re: Block OS Detection Dotzero (Sep 04)
- Block OS Detection Jon DeShirley (Sep 04)
  - Re: Block OS Detection Joxean Koret (Sep 04)
  - Re: Block OS Detection Robert E. Lee (Sep 05)
    - Re: Block OS Detection Gadi Evron (Sep 05)
- Re: Block OS Detection sami seclist (Sep 04)
- RE: Block OS Detection Andrew Court (Sep 04)
  - RE: Block OS Detection alan (Sep 04)

(Thread continues...)