Network Security: Detailed info on Re: Block OS Detection

Subject:	Re: Block OS Detection
Date:	Fri, 25 Jan 2008 15:42:28 -0200

OpenBSD's PF has been ported to Windows (pre-Vista) as part of a free firewall/endpoint security software. It is part of research work and in beta state (regular YMMV disclaimer) but I know it has been installed used on production servers for quite some time. The port of OpenBSD's PF provides a fully-featured and stable bidirectional statefull firewall that some found useful to have on windows systems.

http://force.coresecurity.com

-ivan

Arafat M. Bique wrote:

For Windows System and IIS is not quite easily to do that. I don't know
if someone has a solution that isn't reverse proxy.

Regards,

Arafat M. Bique
Network Infrastructure
IT Department
email:arafat.bique@bcifomento.co.mz
Web:http://www.bcifomento.co.mz

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of John Brazel
Sent: Wednesday, September 05, 2007 10:01 AM
To: Attari Attari
Cc: pen-test@securityfocus.com
Subject: Re: Block OS Detection

OpenBSD's pf firewall has a 'scrub' option that allows normalisation
of various TCP header fields, as well as fragment re-assembly and the
like.

J.

On 8/31/07, Attari Attari <c70n3@yahoo.co.in> wrote:

Hello All:

Is there a PRACTICAL solution from PRODUCTION
environments that can be used to block OS detection
from tools like NMAP? I googled and read some notes
but couldn't find a real world solution to blocking
Windows & Linux OS detection.

I'm quite sure I'll get the right inputs here.

Thank you.

Attari

Unlimited freedom, unlimited storage. Get it now, on

http://help.yahoo.com/l/in/yahoo/mail/yahoomail/tools/tools-08.html/

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


--
"Buy the ticket, take the ride" -HST

Ivan Arce
CTO

CORE SECURITY TECHNOLOGIES
http://www.coresecurity.com

PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Block OS Detection, Ivan Arce <= Re: Block OS Detection, Danny Fullerton

Previous by Date:	Oracle password cracker, ahgaber_rehan
Next by Date:	Re: Question re: load balancers as a security device, Dotzero
Previous by Thread:	Oracle password cracker, ahgaber_rehan
Next by Thread:	Re: Block OS Detection, Danny Fullerton
Indexes:	[Date] [Thread] [Top] [All Lists]