Date: Mon, 8 Jul 2002 13:35:53 +0700 From: "Eko Suwarsono" <ekoz@melsa.net.id> To: <freebsd-questions@freebsd.org> Subject: Re: hiding OS name Message-ID: <002301c22649$b671bad0$d4e18aca@melsa.net.id> References: <006601c22627$a9199000$21020a0a@mti.itb.ac.id>
next in thread | previous in thread | raw e-mail | index | archive | help
There is several method to hiding your OS name/version or making a network scanner like nmap will try harder to finished his job. 1. You can using "iplog" (using ports in /usr/ports/net/iplog), to fooling a portscanner guess about OS specification. 2. Using ipfw with "Default To deny" policy, which closing all unusable port. 3. Changing your sysctl "blackhole" parameter : sysctl -w net.inet.tcp.blackhole=2 sysctl -w net.inet.udp.blackhole=1 4. Insert an option, options TCP_DROP_SYNFIN # read in /usr/src/sys/i386/conf/LINT in your kernel configuration and recompile the kernel, but this method not recommended if you are running webserver. The first article/document you must read is freebsd's handbook, you can read it at http://www.freebsd.org or go straight to security chapter at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html, a nice article about security you can found at : http://www.defcon1.org/html/freebsd_security.html http://www.onlamp.com/pub/a/bsd/2001/02/07/FreeBSD_Basics.html?page=1 or...http://www.google.com..:) eko suwarsono ----------------------------------------- use perl; program fulfillment ----- Original Message ----- From: "Asep Ruspeni" <ruspeni@mti.itb.ac.id> To: <freebsd-security@FreeBSD.ORG> Sent: Monday, July 08, 2002 9:32 AM Subject: hiding OS name > I am newbie in FreeBSD OS, but i have lot of concerned in securing system. > > I have questions like this : > > - how can i set-up FreeBSD, so when it being scanned, it's show no operating > system name + version. > - is there any articles i colud read about securing freeBSD such as the > question i ask above. > > thank you in advance. > > -asep- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002301c22649$b671bad0$d4e18aca>