Date: Mon, 8 Jul 2002 08:34:53 -0600
From: "Ramsey G. Brenner" <rgbrenner@myrealbox.com>
To: "Laurence Brockman" <laurence@fluxinc.com>
Cc: freebsd-security@freebsd.org
Subject: Re: hiding OS name
Message-ID: <200207080834.53431.rgbrenner@myrealbox.com>
In-Reply-To: <001201c22689$6049a790$140115ac@BCDOMAIN01.COM>
References: <006601c22627$a9199000$21020a0a@mti.itb.ac.id> <3D294723.7022CD07@pantherdragon.org> <001201c22689$6049a790$140115ac@BCDOMAIN01.COM>

From /sys/i386/conf/LINT

#
# TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This
# prevents nmap et al. from identifying the TCP/IP stack, but breaks support
# for RFC1644 extensions and is not recommended for web servers.
#
options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN

Also don't forget to add tcp_drop_synfin="YES" to /etc/rc.conf

-- 
----------
Ramsey G. Brenner
rgbrenner@myrealbox.com
http://rgbrenner.cjb.net/

On Monday 08 July 2002 08:11 am, Laurence Brockman wrote:
> I think that what the original poster was trying to get at was when being
> scanned by something like nmap using the OS detection (or other tools), it
> would show no OS.
>
> This would mean changing the way the networking layer responds to certain
> packets (ICMP, TCP sequencing, etc.) and I'm not sure if there is anything
> out there for FreeBSD (never bothered to look).
>
> I know there are kernel patches for Linux that actually change the stack to
> emulate other OS's, thus fooling these OS detection tools.
>
> Laurence
>
> ----- Original Message -----
> From: "Darren Pilgrim" <dmp@pantherdragon.org>
> To: "Asep Ruspeni" <ruspeni@mti.itb.ac.id>
> Cc: <freebsd-security@FreeBSD.ORG>
> Sent: Monday, July 08, 2002 2:02 AM
> Subject: Re: hiding OS name
>
> > Asep Ruspeni wrote:
> > > I am newbie in FreeBSD OS, but I have lot of concerned in securing
> > > system.
> > >
> > > I have questions like this:
> > >
> > > - how can I set-up FreeBSD, so when it being scanned, it's show no
> > >   operating system name + version.
> > > - is there any articles I could read about securing FreeBSD such as the
> > >   question I ask above.
> > >
> > > thank you in advance.
> >
> > Hiding your OS name and version will do nothing to increase security,
> > because the majority of people who scan for vulnerable hosts just do
> > bulk scanning, trying their trick on everything they find. They know
> > (or just don't care) that you can't reliably determine the OS without
> > shell access and even then you can be tricked.
> >
> > That said, what you're looking to do is change the banner on the
> > daemons you're running. How you do this is specific to each daemon.
> > As usual, RTWP, JTML, RTFM, RTSL, etc.
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
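
An added example, not part of the original message: the reply above names two separate steps (the `options TCP_DROP_SYNFIN` kernel line and `tcp_drop_synfin="YES"` in /etc/rc.conf), and this script checks that both are present and reports which half is missing. The function names are hypothetical and the sample files at the bottom are constructed; pass the real kernel config and rc.conf paths to audit a host.

```shell
#!/bin/sh
# Added example, not from the original message. Audits both halves of the
# setup described above: the kernel option and the rc.conf knob.
# File paths are passed in so the check can run on copies; the sample
# files at the bottom are constructed.

# Succeeds if the kernel config has an uncommented "options TCP_DROP_SYNFIN".
has_kernel_option() {
    grep -Eq '^[[:space:]]*options[[:space:]]+TCP_DROP_SYNFIN([[:space:]]|#|$)' "$1"
}

# Succeeds if the last tcp_drop_synfin assignment in rc.conf is a "yes"
# value (rc.subr's checkyesno accepts YES, TRUE, ON and 1, any case).
rc_conf_enabled() {
    val=$(grep -E '^[[:space:]]*tcp_drop_synfin=' "$1" | tail -n 1 |
          sed -e 's/^[^=]*=//' -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' |
          tr -d "\"'")
    case "$val" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints enabled / kernel-only / rcconf-only / disabled; returns 0 only
# when both halves are present.
audit_synfin() {
    kern=no; rc=no
    if has_kernel_option "$1"; then kern=yes; fi
    if rc_conf_enabled "$2"; then rc=yes; fi
    case "$kern/$rc" in
        yes/yes) echo "enabled" ;;
        yes/no)  echo "kernel-only"; return 1 ;;
        no/yes)  echo "rcconf-only"; return 1 ;;
        *)       echo "disabled"; return 1 ;;
    esac
}

# Constructed sample: option compiled in, rc.conf line left commented out.
demo=$(mktemp -d)
printf 'options\t\tINET\noptions\t\tTCP_DROP_SYNFIN\t#drop TCP packets with SYN+FIN\n' > "$demo/KERNEL"
printf 'sshd_enable="YES"\n#tcp_drop_synfin="YES"\n' > "$demo/rc.conf"
audit_synfin "$demo/KERNEL" "$demo/rc.conf" || true   # prints: kernel-only
rm -rf "$demo"
```

On a running kernel built with the option, `sysctl net.inet.tcp.drop_synfin` shows the live value.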