Re: Block OS Detection

From: Ivan Arce (ivan.arce@coresecurity.com)
Date: Fri Jan 25 2008 - 12:42:28 EST


OpenBSD's PF has been ported to Windows (pre-Vista) as part of a free
firewall/endpoint security software. It is part of research work and in
beta state (regular YMMV disclaimer) but I know it has been installed and
used on production servers for quite some time. The port of OpenBSD's PF
provides a fully-featured and stable bidirectional stateful firewall that
some found useful to have on Windows systems.

http://force.coresecurity.com

-ivan

Arafat M. Bique wrote:
> For Windows systems and IIS it is not quite easy to do that. I don't know
> if someone has a solution that isn't a reverse proxy.
>
> Regards,
>
> Arafat M. Bique
> Network Infrastructure
> IT Department
> email:arafat.bique@bcifomento.co.mz
> Web:http://www.bcifomento.co.mz
>
> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
> On Behalf Of John Brazel
> Sent: Wednesday, September 05, 2007 10:01 AM
> To: Attari Attari
> Cc: pen-test@securityfocus.com
> Subject: Re: Block OS Detection
>
> OpenBSD's pf firewall has a 'scrub' option that allows normalisation
> of various TCP header fields, as well as fragment re-assembly and the
> like.
>
> J.
>
> On 8/31/07, Attari Attari <c70n3@yahoo.co.in> wrote:
>> Hello All:
>>
>> Is there a PRACTICAL solution from PRODUCTION
>> environments that can be used to block OS detection
>> from tools like NMAP? I googled and read some notes
>> but couldn't find a real world solution to blocking
>> Windows & Linux OS detection.
>>
>> I'm quite sure I'll get the right inputs here.
>>
>> Thank you.
>>
>> Attari

-- 
"Buy the ticket, take the ride" -HST
Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES
http://www.coresecurity.com
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
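
The 'scrub' normalisation mentioned in the thread, as an added pf.conf example that is not part of the original messages or of any project's shipped ruleset. It assumes OpenBSD's pf.conf syntax of that period (before OpenBSD 4.7); the interface name and the numeric values are placeholders, and whether the Windows port accepts the same rules is not stated in the thread.

```conf
# Added example: pf.conf 'scrub' rules that normalise the header fields
# remote OS fingerprinting relies on. Interface name is a placeholder.
ext_if = "em0"

# Inbound: reassemble fragments before filtering, so overlapping or
# oddly sized fragments never reach the host's own IP stack.
# min-ttl raises very low TTLs; max-mss clamps the MSS in TCP SYNs.
scrub in on $ext_if all fragment reassemble min-ttl 15 max-mss 1440

# Both directions: stateful TCP normalisation (timestamp modulation,
# TTL enforcement per connection).
scrub on $ext_if all reassemble tcp

# Outbound: clear the don't-fragment bit and replace the IP ID with a
# random value, hiding the host's native IP ID sequence and DF behaviour.
scrub out on $ext_if all no-df random-id

# OpenBSD 4.7 and later express the same options on a match rule:
#   match on $ext_if all scrub (no-df random-id min-ttl 15 max-mss 1440 reassemble tcp)
```

These rules normalise only some of the fields a fingerprinting tool measures (IP ID, DF bit, TTL floor, MSS, TCP timestamps); TCP option ordering and initial window size still come from the host's stack, so expect a less confident OS guess rather than none.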


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:21 EDT