Re: Block OS Detection

[Ivan Arce <ivan.arce () coresecurity com>]

OpenBSD's PF has been ported to Windows (pre-Vista) as part of a free 
firewall/endpoint security software. It is part of research work and in 
beta state (regular YMMV disclaimer) but I know it has been installed used 
on production servers for quite some time. The port of OpenBSD's PF 
provides a fully-featured and stable bidirectional statefull firewall that 
some found useful to have on windows systems.

http://force.coresecurity.com

-ivan


Arafat M. Bique wrote:
> For Windows System and IIS is not quite easily to do that. I don't know
> if someone has a solution that isn't reverse proxy.
>
> Regards,
>
> Arafat M. Bique
> Network Infrastructure
> IT Department
> email:arafat.bique () bcifomento co mz
> Web:http://www.bcifomento.co.mz
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On Behalf Of John Brazel
> Sent: Wednesday, September 05, 2007 10:01 AM
> To: Attari Attari
> Cc: pen-test () securityfocus com
> Subject: Re: Block OS Detection
>
> OpenBSD's pf firewall has a 'scrub' option that allows normalisation
> of various TCP header fields, as well as fragment re-assembly and the
> like.
>
> J.
>
> On 8/31/07, Attari Attari <c70n3 () yahoo co in> wrote:
> > Hello All:
> >
> > Is there a PRACTICAL solution from PRODUCTION
> > environments that can be used to block OS detection
> > from tools like NMAP? I googled and read some notes
> > but couldn't find a real world solution to blocking
> > Windows & Linux OS detection.
> >
> > I'm quite sure I'll get the right inputs here.
> >
> > Thank you.
> >
> > Attari
> >
> >
> >       Unlimited freedom, unlimited storage. Get it now, on
> http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/
> >
> ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution FREE today!
> >
> > http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
> >
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

--
"Buy the ticket, take the ride" -HST

Ivan Arce
CTO

CORE SECURITY TECHNOLOGIES
http://www.coresecurity.com

PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------