Find the answer to your Linux question:
Results 1 to 3 of 3
I have multiple servers running Ubuntu and OpenSuse 10.1/10.2. I was wondering, for security reasons, if there is a way I can change the OS fingerprint on these production servers. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie harner's Avatar
    Join Date
    Jun 2004
    Location
    PA, USA
    Posts
    209

    OS Fingerprint Change


    I have multiple servers running Ubuntu and OpenSuse 10.1/10.2. I was wondering, for security reasons, if there is a way I can change the OS fingerprint on these production servers. I'd obviously test the test boxes first.

    For example, when I fire up Webmin:
    Operating system SuSE Linux 10.1

    I want the OS to read either something completely different (to confuse possible hackers by changing it to like Microsoft Windows 2003 Server haha) or nothing at all. After a security audit, this was suggested to us. Thanks for the help.
    I praise Webmin and PuTTy!
    Registered Linux User: 439431

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    Trying to modify your OS fingerprint is a fun trick, but you might remind your security auditors that it's nothing more than "security by obscurity". (i.e. Waste of effort, IMO.)

    A quick google turned up this article which should get you started:
    Passive-Aggressive Resistance: OS Fingerprint Evasion | Linux Journal

    Also, taken verbatim from the nmap(1) manpages:
    If Nmap is unable to guess the OS of a machine, and conditions are good (e.g. at least one open port and one closed port were found)...
    I read this to mean that if you do not have at least one open port and one closed (which is different than filtered) port, your OS will be more difficult to detect.

    I'll close by saying: spend your time focusing on real hardening efforts, not this.

  3. #3
    Linux Newbie harner's Avatar
    Join Date
    Jun 2004
    Location
    PA, USA
    Posts
    209
    Thanks for the help. In all actuality, we have an extremely secure network which is why we have some small issues to take care of.

    Thanks again, I'll check out the article.
    I praise Webmin and PuTTy!
    Registered Linux User: 439431

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •