Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site.
View Thread
Author | nmap -O | Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | | been looking for a guide to prevent os fingerprinting.
using nmap -O *.*.*.* on host reveals it's OS etc, trying to prevent this. any links to any guides would be awesome. Soz for short post.
|
 |
Author | RE: nmap -O | spyware Member

Posts: 4192 Location:
Joined: 14.04.07 Rank: God Warn Level: 90
| | http://www.pgci.ca/common/p_fingerprint.htm
Google. Six seconds.

"The chowner of property." - Zeph [small]�Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.� - Carl Sagan [center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce |
 |
Author | RE: nmap -O | Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | | i've come across that one, but still not quite understanding what needs to be done. would prefer to have someone familiar with the topic to give us a link, not just a google search(amazingly enough ive done some of these, see, i too have heard of this google thing).
|
 |
Author | RE: nmap -O | spyware Member

Posts: 4192 Location:
Joined: 14.04.07 Rank: God Warn Level: 90
| | 'And he kept on spamming links'.
http://www.usenix.org/events/sec2000/full_papers/smart/smart_html/

"The chowner of property." - Zeph [small]�Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.� - Carl Sagan [center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce |
 |
Author | RE: nmap -O | Uber0n Member

Posts: 1963 Location: Sweden
Joined: 13.06.06 Rank: Hacker Level 3 | | spyware wrote:
'And he kept on spamming links'.
Damn you spyware. I don't even think that's fun for real, but it made me laugh IRL 

http://uber0n.web. . . |
 |
Author | RE: nmap -O | Member

Posts: Location:
Joined: 01.01.70 Rank: Guest | | Knowing how OS fingerprinting works is going to help you prevent/spoof it more than finding a link to prevent it.
You have multiple things to take into account. First off you have ports that are only open on certain operating systems. Thus something with 135/139 is going to give a high percentage of target being a Windows operating system.
Then you have the way operating systems respond to packets being sent in certain ways, to closed/open ports, with malformed data, short/long TTL, and etc. Some operating systems will respond in different ways to different types of packets.
Then you also have a service scan and, with certain programs, banner grabbing.. Finding an IIS webserver running on target OS will give higher percentage of target being Windows.
The best way to deal with this is being able to manage packets and ports. Providing a good ruleset within your firewall, IDS triggers, etc., is your best bet to stump and only give generality (like target OS is Windows) about target OS. Spoofing is another good viable option. Closing and opening ports that certain operating systems only have open will throw a high percentage of that OS and throw off the detection.
|
 |
|