hide uptime of systems in DMZ|
|
|
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||
|
Posted by Timo Schoeler on May 14, 2007, 8:10 am
Please log in for more thread options
is there any way to hide uptime of systems in an ASA-5520's DMZ? from outside i see (e.g.) (blablabla) Uptime 0.020 days (since Mon May 14 13:38:49 2007) TCP Sequence Prediction: Class=truly random Difficulty=9999999 (Good luck!) IPID Sequence Generation: All zeros Nmap finished: 1 IP address (1 host up) scanned in 61.469 seconds Raw packets sent: 3429 (153.492KB) | Rcvd: 30 (1680B) thanks, timo | ||||||||||||||||
|
Posted by Walter Roberson on May 14, 2007, 10:31 am
Please log in for more thread options >is there any way to hide uptime of systems in an ASA-5520's DMZ?
>from outside i see (e.g.)
>Uptime 0.020 days (since Mon May 14 13:38:49 2007)
>TCP Sequence Prediction: Class=truly random > Difficulty=9999999 (Good luck!) >IPID Sequence Generation: All zeros >Nmap finished: 1 IP address (1 host up) scanned in 61.469 seconds
The only way to read the uptime is via snmp, so configure your snmp parameters (and change your snmp community while you are at it.) | ||||||||||||||||
|
Posted by Timo Schoeler on May 14, 2007, 10:36 am
Please log in for more thread options Walter Roberson wrote:
>
>> is there any way to hide uptime of systems in an ASA-5520's DMZ?
>
>>from outside i see (e.g.)
>
> >> Uptime 0.020 days (since Mon May 14 13:38:49 2007)
>> TCP Sequence Prediction: Class=truly random >> Difficulty=9999999 (Good luck!) >> IPID Sequence Generation: All zeros >
>> Nmap finished: 1 IP address (1 host up) scanned in 61.469 seconds
>
> The only way to read the uptime is via snmp, so configure your snmp > parameters (and change your snmp community while you are at it.) i don't want to read my internal uptime (which i in fact do via snmp), but i want to hide it. i'd like to prevent nmap et al. to fingerprint our system's uptime. for my OpenBSD babies this is no problem, but those GNU/Linux boxen are bare naked. can ASA hide their uptime? pf can... regards, timo | ||||||||||||||||
| Similar Threads | Posted |
| hide uptime of systems in DMZ | May 14, 2007, 8:10 am |
| top uptime list ? | April 5, 2006, 3:31 pm |
| cisco uptime contest | April 7, 2006, 4:34 pm |
| GRE, hide nat on PIX | August 14, 2005, 3:38 pm |
| PIX 6.3.4 - Hide NAT before VPN | August 14, 2005, 8:05 pm |
| EIGRP Neighbor UPTime Problem | March 11, 2007, 6:16 pm |
| Hide-Nat will never clash... | September 21, 2005, 4:04 pm |
| Figuring out A-DSL link uptime on a Cisco 877W | January 11, 2007, 6:42 am |
| Pix ASA hide ports for portscan? | May 30, 2008, 4:49 am |
| Comparing Systems | September 20, 2006, 11:08 am |
| Comparing Systems | September 20, 2006, 11:08 am |
| Comparing Systems | September 20, 2006, 11:47 am |
| Systems can be 1-3 kms apart; 1 or multiple LANs? | April 2, 2007, 7:17 am |
| How do you connect two OSPF autonomous systems? | July 10, 2005, 1:59 pm |
| Problems with Catalyst 2950 and Mac OS X 10.4 Systems | May 15, 2006, 5:20 pm |
|
Home Cabling GuideFinally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language! Learn More |