URLScan will deny Web Server banner requests only, not OS detection.
NSA.gov have refuse both banner requests & OS detection,
at onetime in the past as you can see on the netcraft lookup.
*** Just using them as an example, no need to send helicopters over my house
Windows 2000 unknown 19-May-2003 *.213.217.241 [blocking banner requests]
unknown unknown 25-Aug-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris unknown 13-Aug-2002 *.47.125.33 [blocking banner request]
Solaris Apache/1.3.11 (Unix) 7-Aug-2002 *.47.125.33
Windows 2000 unknown 6-Aug-2002 *.213.217.241 [blocking banner requests]
Solaris Apache/1.3.11 (Unix) 30-Jul-2002 *.47.125.33
unknown unknown 29-Jul-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris Apache/1.3.11 (Unix) 24-Oct-2001 *.47.125.33 unknown
*****************************************************************
-
But there is 100 other ways to detect an OS.
So whats the point really.
FLUID
-----Original Message-----
From: Kevin E. Casey [mailto:kcasey (at) nanoweb (dot) com [email concealed]]
Sent: Monday, February 23, 2004 3:54 PM
To: Paul Kurczaba; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Preventing OS Detection
If you are running Microsoft IIS, install URLScan and read the instructions.
-----Original Message-----
From: Paul Kurczaba [mailto:paul (at) myipis (dot) com [email concealed]]
Sent: Friday, February 20, 2004 5:29 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html
in paragraph titled "Netcraft is Watching", it briefly describes that
registry changes can be made. Can someone please give me some specific
registry changes to prevent others from identifying my web servers OS?
URLScan will deny Web Server banner requests only, not OS detection.
NSA.gov have refuse both banner requests & OS detection,
at onetime in the past as you can see on the netcraft lookup.
*** Just using them as an example, no need to send helicopters over my house
Windows 2000 unknown 19-May-2003 *.213.217.241 [blocking banner requests]
unknown unknown 25-Aug-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris unknown 13-Aug-2002 *.47.125.33 [blocking banner request]
Solaris Apache/1.3.11 (Unix) 7-Aug-2002 *.47.125.33
Windows 2000 unknown 6-Aug-2002 *.213.217.241 [blocking banner requests]
Solaris Apache/1.3.11 (Unix) 30-Jul-2002 *.47.125.33
unknown unknown 29-Jul-2002 *.213.217.241 [blocking os detection & banner
requests]
Solaris Apache/1.3.11 (Unix) 24-Oct-2001 *.47.125.33 unknown
*****************************************************************
-
But there is 100 other ways to detect an OS.
So whats the point really.
FLUID
-----Original Message-----
From: Kevin E. Casey [mailto:kcasey (at) nanoweb (dot) com [email concealed]]
Sent: Monday, February 23, 2004 3:54 PM
To: Paul Kurczaba; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: Preventing OS Detection
If you are running Microsoft IIS, install URLScan and read the instructions.
-----Original Message-----
From: Paul Kurczaba [mailto:paul (at) myipis (dot) com [email concealed]]
Sent: Friday, February 20, 2004 5:29 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Preventing OS Detection
If I go to http://uptime.netcraft.com and enter my website, Netcraft will
display my web servers OS, determined from the TCP/IP packet. Is there a way
in the windows registry to prevent Netcraft (or anyone else) from
identifying my OS? On the page http://www.webhostgear.com/36,1.html
in paragraph titled "Netcraft is Watching", it briefly describes that
registry changes can be made. Can someone please give me some specific
registry changes to prevent others from identifying my web servers OS?
Thanks,
Paul Kurczaba
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040219
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]