From: "Eko Suwarsono"
Subject: Re: hiding OS name
Date: Mon, 8 Jul 2002 13:35:53 +0700

There are several methods for hiding your OS name/version, or for making a network scanner like nmap try harder to finish its job.

1. You can use "iplog" (from ports, in /usr/ports/net/iplog) to fool a port scanner's guess about the OS specification.

2. Use ipfw with a "default to deny" policy, which closes all unusable ports.

3. Change your sysctl "blackhole" parameters:

       sysctl -w net.inet.tcp.blackhole=2
       sysctl -w net.inet.udp.blackhole=1

4. Insert the option

       options TCP_DROP_SYNFIN # read in /usr/src/sys/i386/conf/LINT

   in your kernel configuration and recompile the kernel, but this method is not recommended if you are running a web server.

The first article/document you must read is the FreeBSD Handbook; you can read it at http://www.freebsd.org or go straight to the security chapter at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html. Nice articles about security can be found at:

http://www.defcon1.org/html/freebsd_security.html
http://www.onlamp.com/pub/a/bsd/2001/02/07/FreeBSD_Basics.html?page=1
or... http://www.google.com.. :)

eko suwarsono
-----------------------------------------
use perl; program fulfillment

----- Original Message -----
From: "Asep Ruspeni"
Sent: Monday, July 08, 2002 9:32 AM
Subject: hiding OS name

> I am a newbie in FreeBSD OS, but I have a lot of concern about securing the system.
>
> I have questions like this:
>
> - How can I set up FreeBSD so that, when it is being scanned, it shows no operating
>   system name + version?
> - Are there any articles I could read about securing FreeBSD, such as the
>   question I ask above?
>
> Thank you in advance.
>
> -asep-
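
Added example, not part of the original message: a POSIX sh audit that checks a sysctl.conf-style file and a kernel configuration file for the settings named in items 3 and 4. The function names and the sample file are constructed for illustration; the caller passes in the real paths (for example /etc/sysctl.conf and the kernel configuration file).

```sh
#!/bin/sh
# Added example (not from the original message): audit config files for the
# settings the message names. File paths are passed in by the caller.

# effective_value FILE KEY: print the last value assigned to KEY.
# Assumption: lines are applied in order, so a later assignment wins.
effective_value() {
    awk -v key="$2" '
        { sub(/#.*/, "") }                  # drop comments
        {
            n = index($0, "="); if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/[ \t]/, "", k); gsub(/[ \t"]/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    ' "$1"
}

# check_blackhole FILE: return 0 only if both sysctls have the message's values.
check_blackhole() {
    rc=0
    for want in net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1; do
        key=${want%%=*}; exp=${want#*=}
        got=$(effective_value "$1" "$key")
        if [ "$got" = "$exp" ]; then
            echo "ok    $key=$got"
        else
            echo "FAIL  $key=${got:-unset} (expected $exp)"; rc=1
        fi
    done
    return "$rc"
}

# has_kernel_option FILE OPTION: return 0 if an uncommented "options OPTION" exists.
has_kernel_option() {
    awk -v opt="$2" '
        { sub(/#.*/, "") }
        $1 == "options" && $2 == opt { found = 1 }
        END { exit !found }
    ' "$1"
}

# Constructed sample input: the second tcp line overrides the first.
sample=$(mktemp)
printf '%s\n' 'net.inet.tcp.blackhole=2' '#net.inet.udp.blackhole=1' \
    'net.inet.tcp.blackhole = 0' > "$sample"
check_blackhole "$sample" || echo "sysctl settings differ from the message"
rm -f "$sample"
```

The constructed sample fails on both keys: the udp line is commented out, and the later tcp assignment replaces the earlier one.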