You should take a look at www.nmap.org and read the information on OS finger
printing to get a good idea of whats going on with OS detection (although I
am unaware of how Netcraft does it but assume its similar).
The primary question is why do you wish to do this? My personal opinion is
that security through obscurity doesn't work, or at best doesn't work for
very long. Especially if you have someone determined/skilled enough to
perform more then just a few automated scans of your Internet facing
systems.
-Jimmy
-----Original Message-----
From: Paul Kurczaba [mailto:paul (at) myipis (dot) com [email concealed]]
Sent: Monday, February 23, 2004 1:01 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html in
paragraph titled "Netcraft is Watching", it briefly describes that registry
changes can be made. Can someone please give me some specific registry
changes to prevent others from identifying my web servers OS?
Thanks,
Paul Kurczaba
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
printing to get a good idea of whats going on with OS detection (although I
am unaware of how Netcraft does it but assume its similar).
The primary question is why do you wish to do this? My personal opinion is
that security through obscurity doesn't work, or at best doesn't work for
very long. Especially if you have someone determined/skilled enough to
perform more then just a few automated scans of your Internet facing
systems.
-Jimmy
-----Original Message-----
From: Paul Kurczaba [mailto:paul (at) myipis (dot) com [email concealed]]
Sent: Monday, February 23, 2004 1:01 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html in
paragraph titled "Netcraft is Watching", it briefly describes that registry
changes can be made. Can someone please give me some specific registry
changes to prevent others from identifying my web servers OS?
Thanks,
Paul Kurczaba
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
------------------------------------------------------------------------
---
[ reply ]