Date: Tue, 9 Jul 2002 15:52:14 +0200
From: Alex
Cc: security@FreeBSD.ORG
Subject: Re[2]: hiding OS name
Message-ID: <5616647177.20020709155214@dds.nl>
In-Reply-To: <20020708231809505.AAA981@empty1.ekahuna.com@pc02.ekahuna.com>

Hello/Beste Philip,

Tuesday, July 09, 2002, 1:18:08 AM, you wrote:

>> Date: Sun, 7 Jul 2002 21:29:42 -0700
>> From: Nathan Kinkade
>>
>> On Mon, 8 Jul 2002 09:32:09 +0700
>> "Asep Ruspeni" wrote:
>>
>> > I am newbie in FreeBSD OS, but I have lot of concerned in securing
>> > system.
>> >
>> > I have questions like this :
>> >
>> > - how can I set-up FreeBSD, so when it being scanned, it's show no
>> > operating system name + version.
>> > - is there any articles I could read about securing FreeBSD such as
>> > the question I ask above.
>> >
>> > thank you in advance.
>>
>> What you are looking for is not really a function of FreeBSD, but rather
>> of the various servers you may be running on FreeBSD such as Apache,
>> FTP, Sendmail, and so on. If it's going to happen it will probably be
>> something that you configure the daemon to do, however I don't know
>> which allow you to do something similar other than wu-ftpd, although I'd
>> guess there are others. Network scanning utilities - I'm thinking of
>> nmap in particular - allow you to scan a host(s) and attempt to
>> determine the OS/version based on certain peculiarities in the
>> response(s). One way to help minimize the impact of this would be to
>> set the net.inet.tcp.blackhole and net.inet.udp.blackhole kernel
>> parameters using the sysctl utility. For more information on this
>> check out the "blackhole(4)" manpage with `man 4 blackhole`.
>>
>> Nathan

PJK> Another option is to put the box behind a firewall. Very often if
PJK> something like nmap is looking for peculiarities in the IP stack
PJK> implementation to ascertain what OS is on a box, if there is a
PJK> firewall in front of it it will be id'ing the firewall's IP
PJK> implementation rather than the target host's.

You can have OpenBSD on that system to look very very secure.

--
Best regards/Met vriendelijke groet,
Alex
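
An added example, not part of the thread or of FreeBSD's own code: a small shell audit of the two blackhole(4) sysctls mentioned in the quoted reply, run over a sysctl.conf-style file. The function names, the constructed sample file and the pass criteria (tcp=2, udp=1) are assumptions of this example; the value meanings follow blackhole(4).

```shell
#!/bin/sh
# Added example: audit a sysctl.conf-style file for the blackhole(4) settings.
# blackhole(4): net.inet.tcp.blackhole 0 = off, 1 = drop SYNs to closed ports,
#               2 = drop every segment to closed ports;
#               net.inet.udp.blackhole 0 = off, 1 = drop datagrams to closed ports.

# conf_value FILE KEY: print the last value assigned to KEY (later lines win).
conf_value() {
    sed -e 's/#.*//' "$1" | awk -F= -v key="$2" '
        { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == key { val = $2 }
        END { if (val != "") print val }'
}

# audit_blackhole FILE: report both settings; return 0 only when
# tcp=2 and udp=1 (this example's pass criteria, an assumption).
audit_blackhole() {
    file=$1
    rc=0
    tcp=$(conf_value "$file" net.inet.tcp.blackhole)
    udp=$(conf_value "$file" net.inet.udp.blackhole)
    case "$tcp" in
        2) echo "tcp: ok (all segments to closed ports dropped)" ;;
        1) echo "tcp: partial (only SYNs to closed ports dropped)"; rc=1 ;;
        *) echo "tcp: off (closed ports answer with RST)"; rc=1 ;;
    esac
    case "$udp" in
        1) echo "udp: ok (datagrams to closed ports dropped)" ;;
        *) echo "udp: off (closed ports answer with ICMP port unreachable)"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample configuration, not taken from the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /etc/sysctl.conf (constructed sample)
net.inet.tcp.blackhole=1
net.inet.udp.blackhole=1
net.inet.tcp.blackhole = 2   # later assignment wins
EOF
audit_blackhole "$sample"
rm -f "$sample"
```

On a running FreeBSD host the live values can be compared with `sysctl net.inet.tcp.blackhole net.inet.udp.blackhole`. These settings only change how closed ports respond; open ports still answer with the host's own TCP/IP stack.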