Security Cloak : How To Fool Passive Os Scanner
Results 1 to 10 of 10

Thread: Security Cloak : How To Fool Passive Os Scanner

  1. #1
    Junior Member
    Join Date
    Mar 2002
    Posts
    23

    Security Cloak : How To Fool Passive Os Scanner

    Security Cloak is designed to protect against TCP/IP stack fingerprinting and computer identification/information leakage via timestamp and window options by modifying relevant registry keys. The settings used are based on the results of SYN packet analysis by p0f. While the OS reported by other OS detection scanners were not identical to those of p0f, testing against Nmap, xprobe2, queso and cheops showed that they were unable to identify the correct operating system/version after Security Cloak settings had been applied.

    " http://www.linuxhaxor.net/2007/07/23...ve-os-scanner/ "

    pavs
    Last edited by pavs; July 24th, 2007 at 01:48 AM.

  2. #2
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Is this odd or is this just me? joining multiple forums and within days posting the same thing?
    http://www.rohitab.com/discuss/index...howtopic=26051

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    It is you metguru,

    pavs has posted 3 times in 5 years?

    I have downloaded the stuff and will try it out.............

    It is a mirrored labrat, so I really don't care

  4. #4
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    TBH I don't think OS fingerprinting is accurate enough to warrant deploying something to defend against it. From experience I have found Xprobe to be the most reliable and Nmap to be one of the most unreliable (I still have an unpatched XP box that Nmap insists is 2000 sp 3), but even xprobe is only reliable 60 - 70 % of the time and unless you have used it regularly it can be hard to know which xprobe result to chose as it is not always the first choice.

    If a target is running a web server then you are likely to be around 90% accurate using httprint or similar but other than that it is a guessing game with an element of look involved.

    They can all obviously tell a Windows box from a Linux box, but when it comes to the different flavours of the OS they are mostly found wanting.
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  5. #5
    Junior Member
    Join Date
    Mar 2002
    Posts
    23
    Metguru--> yes it is kinda odd I guess. I am been a member of antinonline for years and been following this forum for just as long. But only now I am posting something, because I am trying to promote my site, if you don't like it I can understand that, but I don't think there is anything wrong with promoting your site as long as it has good content in it.

    Nokia--> there is two kinds of finger printing (apart from being active and passive); there is fingerprinting that us mortals do and there is fingerprinting that site's like netcraft does.
    Good luck with fingerprinting google.com with their exact version of server/OS, and with 90% of the time with extreme accuracy.

    " http://toolbar.netcraft.com/site_rep...www.google.com "

    It's only hack like this (actually you need more than security cloak to achieve what ebuyer.com has achieved, which needs a discussion of it's own) that makes it possible to fool scanner like netcraft:
    ie,
    " http://toolbar.netcraft.com/site_rep...www.ebuyer.com "

    Cheers,
    pavs

  6. #6
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Quote Originally Posted by pavs
    Metguru--> yes it is kinda odd I guess. I am been a member of antinonline for years and been following this forum for just as long. But only now I am posting something, because I am trying to promote my site, if you don't like it I can understand that, but I don't think there is anything wrong with promoting your site as long as it has good content in it.
    Hey, its all good, im not tryin to start anything, I just noticed it and thought it would be good to bring up.

  7. #7
    Junior Member
    Join Date
    Mar 2002
    Posts
    23
    My article got mentioned in the first page of hackszine.

    http://hackszine.com/

    Cheers,
    pavs

  8. #8
    Senior Member mungyun's Avatar
    Join Date
    Apr 2004
    Location
    Illinois
    Posts
    172
    Heh, it would be kinda neat if you could dynamically cloak your fingerprint to match the persons that is looking....That would make em think a little bit.
    I believe in making the world safe for our children, but not our childrenís children, because I donít think children should be having sex. -- Jack Handey

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Huh?

    My article got mentioned in the first page of hackszine.
    Hey kid, I posted it to every page of my roll of toilet tissue..............

    "hackszine"............. ah!.......... way too intellectual for people here

  10. #10
    Junior Member
    Join Date
    Mar 2002
    Posts
    23
    Quote Originally Posted by nihil
    Huh?



    Hey kid, I posted it to every page of my roll of toilet tissue..............

    "hackszine"............. ah!.......... way too intellectual for people here
    Hey whatever makes you happy.

    Anyways, for anyone interested:
    http://www.windowhaxor.net/index.php...nd-error-page/

    Using apache modsecurity module to change apache signature and error page customizing stuff.


    Cheers,
    pavs

Similar Threads

  1. Basic Unix security tutorial
    By \/IP3R in forum AntiOnline's General Chit Chat
    Replies: 16
    Last Post: March 7th, 2005, 09:25 PM
  2. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  3. A guide to proactive network security
    By SDK in forum Miscellaneous Security Discussions
    Replies: 0
    Last Post: November 30th, 2004, 11:45 PM
  4. NEWS: This weeks security news.
    By xmaddness in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: September 12th, 2002, 10:33 PM
  5. Security Checklist
    By Ennis in forum The Security Tutorials Forum
    Replies: 3
    Last Post: December 1st, 2001, 01:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •