Penetration Testing mailing list archives

RE: Block OS Detection

From: Gadi Evron <ge () linuxbox org>
Date: Sun, 2 Sep 2007 16:03:49 -0500 (CDT)

On Sun, 2 Sep 2007, Ofer Shezaf wrote:

Reverse proxy? So at least for web servers you have a simple solution.
You might be able to reverse proxy few other protocols.

~ Ofer Shezaf

Overwriting values is not going to stop many of the different detectionmethods. As mentioned - just one thingie.


Me? I just change banners.

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Gadi Evron
Sent: Saturday, September 01, 2007 11:08 AM
To: Attari Attari
Cc: pen-test () securityfocus com; pen-test-return-
1078485025 () securityfocus com
Subject: Re: Block OS Detection

Not everything is good, but you can overwrite different packet values
using.. a firewall for example.

Just one thingie.

On Fri, 31 Aug 2007, Attari Attari wrote:

Hello All:

Is there a PRACTICAL solution from PRODUCTION
environments that can be used to block OS detection
from tools like NMAP? I googled and read some notes
but couldn't find a real world solution to blocking
Windows & Linux OS detection.

I'm quite sure I'll get the right inputs here.

Thank you.

Attari


     Unlimited freedom, unlimited storage. Get it now, on

http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/

---------------------------------------------------------------------

---

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

---------------------------------------------------------------------

---

-----------------------------------------------------------------------

-
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

-----------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Re: Block OS Detection Gadi Evron (Sep 01)
- Re: Block OS Detection Jonathan Yu (Sep 01)
- RE: Block OS Detection Ofer Shezaf (Sep 04)
  - RE: Block OS Detection Gadi Evron (Sep 04)
  - RE: Block OS Detection Gadi Evron (Sep 04)
    - RE: Block OS Detection Philippe Bogaerts (Sep 04)
- <Possible follow-ups>
- Re: Block OS Detection Dotzero (Sep 04)
- Block OS Detection Jon DeShirley (Sep 04)
  - Re: Block OS Detection Joxean Koret (Sep 04)
  - Re: Block OS Detection Robert E. Lee (Sep 05)
    - Re: Block OS Detection Gadi Evron (Sep 05)
- Re: Block OS Detection sami seclist (Sep 04)
- RE: Block OS Detection Andrew Court (Sep 04)
  - RE: Block OS Detection alan (Sep 04)
  - RE: Block OS Detection Strykar (Sep 05)

(Thread continues...)