From owner-freebsd-security Mon Jul 8 11:13:57 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C8DF137B400 for ; Mon, 8 Jul 2002 11:13:53 -0700 (PDT) Received: from kobold.compt.com (TBextgw.compt.com [209.115.146.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18BB843E3B for ; Mon, 8 Jul 2002 11:13:53 -0700 (PDT) (envelope-from klaus@kobold.compt.com) Date: Mon, 8 Jul 2002 14:13:42 -0400 From: Klaus Steden To: twig les Cc: "Dalin S. Owen" , Laurence Brockman , security@FreeBSD.ORG Subject: Re: hiding OS name Message-ID: <20020708141342.G13139@cthulu.compt.com> References: <20020708111122.A33379@nexusxi.com> <20020708175214.31781.qmail@web10104.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020708175214.31781.qmail@web10104.mail.yahoo.com>; from twigles@yahoo.com on Mon, Jul 08, 2002 at 10:52:14AM -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Portsentry may help (/usr/ports/security/portsentry I > believe). Won't hide the OS, but it may shut down > scans before they get that far. , never tested > it that way. > A friend of mine runs portsentry configured to blackhole every IP that attempts to connect to a port where no server is running (in conjunction with a strict firewall); that can be done in FreeBSD without using portsentry, via the blackhole sysctl MIBs. See blackhole(4). It's not a bad means to keep people out of your machines. Klaus To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message