Penetration Testing mailing list archives

RE: Block OS Detection

From: "Arafat M. Bique" <arafat.bique () bci co mz>
Date: Wed, 5 Sep 2007 14:09:13 +0200

For Windows System and IIS is not quite easily to do that. I don't know
if someone has a solution that isn't reverse proxy.

Regards,

Arafat M. Bique
Network Infrastructure
IT Department
email:arafat.bique () bcifomento co mz
Web:http://www.bcifomento.co.mz

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of John Brazel
Sent: Wednesday, September 05, 2007 10:01 AM
To: Attari Attari
Cc: pen-test () securityfocus com
Subject: Re: Block OS Detection

OpenBSD's pf firewall has a 'scrub' option that allows normalisation
of various TCP header fields, as well as fragment re-assembly and the
like.

J.

On 8/31/07, Attari Attari <c70n3 () yahoo co in> wrote:

Hello All:

Is there a PRACTICAL solution from PRODUCTION
environments that can be used to block OS detection
from tools like NMAP? I googled and read some notes
but couldn't find a real world solution to blocking
Windows & Linux OS detection.

I'm quite sure I'll get the right inputs here.

Thank you.

Attari


      Unlimited freedom, unlimited storage. Get it now, on

http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Re: Block OS Detection, (continued)
- Re: Block OS Detection Dotzero (Sep 04)
- Block OS Detection Jon DeShirley (Sep 04)
  - Re: Block OS Detection Joxean Koret (Sep 04)
  - Re: Block OS Detection Robert E. Lee (Sep 05)
    - Re: Block OS Detection Gadi Evron (Sep 05)
- Re: Block OS Detection sami seclist (Sep 04)
- RE: Block OS Detection Andrew Court (Sep 04)
  - RE: Block OS Detection alan (Sep 04)
  - RE: Block OS Detection Strykar (Sep 05)
- Re: Block OS Detection John Brazel (Sep 05)
  - RE: Block OS Detection Arafat M. Bique (Sep 05)
    - Re: Block OS Detection vtlists (Sep 05)