Re: Block OS Detection

From: Jonathan Yu (jonathan.i.yu@gmail.com)
Date: Sat Sep 01 2007 - 09:12:32 EDT

• Next message: Cedric Blancher: "Re: Prevent Linux Uptime Detection"
• Previous message: Gadi Evron: "Re: Block OS Detection"
• In reply to: Gadi Evron: "Re: Block OS Detection"
• Next in thread: Ofer Shezaf: "RE: Block OS Detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi there,

I am by no means an expert, but I believe that each TCP stack produces
a "unique" signature. Each operating system's stack behaves a certain
way and there are quirks based on the implementation, so I think that
you will still be able to fingerprint the operating system based on
those unless you do some sort of scrubbing (which would be pretty
difficult). Perhaps replacing the entire stack with something used by
a lot of people on different systems would give you the protection you
require?

Jonathan Yu

On 9/1/07, Gadi Evron <ge@linuxbox.org> wrote:
> Not everything is good, but you can overwrite different packet values
> using.. a firewall for example.
>
> Just one thingie.
>
>
> On Fri, 31 Aug 2007, Attari Attari wrote:
>
> > Hello All:
> >
> > Is there a PRACTICAL solution from PRODUCTION
> > environments that can be used to block OS detection
> > from tools like NMAP? I googled and read some notes
> > but couldn't find a real world solution to blocking
> > Windows & Linux OS detection.
> >
> > I'm quite sure I'll get the right inputs here.
> >
> > Thank you.
> >
> > Attari
> >
> >
> > Unlimited freedom, unlimited storage. Get it now, on http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution FREE today!
> >
> > http://www.cenzic.com/downloads
> > ------------------------------------------------------------------------
> >
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: Cedric Blancher: "Re: Prevent Linux Uptime Detection"
• Previous message: Gadi Evron: "Re: Block OS Detection"
• In reply to: Gadi Evron: "Re: Block OS Detection"
• Next in thread: Ofer Shezaf: "RE: Block OS Detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:05 EDT