Date: Sun, 7 Jul 2002 21:29:42 -0700
From: Nathan Kinkade
To: "Asep Ruspeni"
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: hiding OS name
Message-Id: <20020707212942.027efd2e.nkinkade@dsl-only.com>
In-Reply-To: <006601c22627$a9199000$21020a0a@mti.itb.ac.id>
References: <006601c22627$a9199000$21020a0a@mti.itb.ac.id>

On Mon, 8 Jul 2002 09:32:09 +0700
"Asep Ruspeni" wrote:

> I am a newbie in FreeBSD OS, but I have a lot of concern in securing
> the system.
>
> I have questions like this:
>
> - how can I set up FreeBSD so that when it is being scanned, it shows
>   no operating system name + version.
> - are there any articles I could read about securing FreeBSD, such as
>   the question I ask above.
>
> thank you in advance.

What you are looking for is not really a function of FreeBSD, but
rather of the various servers you may be running on FreeBSD such as
Apache, FTP, Sendmail, and so on. If it's going to happen it will
probably be something that you configure the daemon to do; however, I
don't know which allow you to do something similar other than wu-ftpd,
although I'd guess there are others.

Network scanning utilities - I'm thinking of nmap in particular - allow
you to scan a host(s) and attempt to determine the OS/version based on
certain peculiarities in the response(s). One way to help minimize the
impact of this would be to set the net.inet.tcp.blackhole and
net.inet.udp.blackhole kernel parameters using the sysctl utility. For
more information on this, check out the "blackhole(4)" manpage with
`man 4 blackhole`.

Nathan
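
The two sysctl knobs named in the reply above, with a small check of their values. This is an added example, not part of the original message; the function name blackhole_audit is hypothetical, the sample input is constructed, and the meaning given for each value follows blackhole(4).

```shell
#!/bin/sh
# Added example (not from the original message). On the FreeBSD host, as root:
#   sysctl net.inet.tcp.blackhole=2
#   sysctl net.inet.udp.blackhole=1
# To keep the settings across reboots, add to /etc/sysctl.conf:
#   net.inet.tcp.blackhole=2
#   net.inet.udp.blackhole=1
# Audit a live host: sysctl net.inet.tcp.blackhole net.inet.udp.blackhole | blackhole_audit
# Audit the config:  blackhole_audit < /etc/sysctl.conf

# blackhole_audit (hypothetical helper name): reads "name: value" or
# "name=value" lines on stdin, prints one finding per knob, and returns 0
# only when both knobs are at the strictest value described in blackhole(4).
blackhole_audit() {
    tcp=unset; udp=unset; rc=0
    while IFS= read -r line; do
        line=${line%%#*}    # ignore comments, including commented-out settings
        name=$(printf '%s\n' "$line" | sed -e 's/[:=].*//' -e 's/[[:space:]]//g')
        value=$(printf '%s\n' "$line" |
            sed -n 's/^[^:=]*[:=][[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p')
        case $name in
            net.inet.tcp.blackhole) tcp=${value:-invalid} ;;
            net.inet.udp.blackhole) udp=${value:-invalid} ;;
        esac
    done
    case $tcp in
        2) echo "OK   net.inet.tcp.blackhole=2: segments to closed ports are dropped" ;;
        1) echo "WARN net.inet.tcp.blackhole=1: only SYNs are dropped silently"; rc=1 ;;
        0|unset) echo "FAIL net.inet.tcp.blackhole=$tcp: closed ports answer with RST"; rc=1 ;;
        *) echo "FAIL net.inet.tcp.blackhole=$tcp: value not known to this check"; rc=1 ;;
    esac
    case $udp in
        1) echo "OK   net.inet.udp.blackhole=1: no ICMP port unreachable is sent" ;;
        0|unset) echo "FAIL net.inet.udp.blackhole=$udp: closed ports answer with ICMP"; rc=1 ;;
        *) echo "FAIL net.inet.udp.blackhole=$udp: value not known to this check"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample input: the values of a host that has not been tuned.
printf 'net.inet.tcp.blackhole: 0\nnet.inet.udp.blackhole: 0\n' | blackhole_audit || true
```

These knobs only change how closed ports respond; open ports and the services behind them still answer a scan, and blackhole(4) itself points to a packet filter such as ipfw for real protection.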