Avoid OS detection on OpenBSD
You know what we say about OpenBSD: Free, Functional, and… Secure.
Hosting a public server exposes it to many different attacks. Most are random, but you may be targeted by a “real attacker” who will first gather information, such as the kind of operating system you are running.
Finding out which system runs on a server is easy. Here is a simple way, with Nmap, to check what system runs on my gaming computer:
lina@blog:~$ doas nmap -sS -O 192.168.1.42
Nmap scan report for gaming-pc.cagedmonster.net (192.168.1.42)
Host is up (0.00032s latency).
Not shown: 991 filtered ports
MAC Address: 74:D0:2B:9C:B3:A9 (Asustek Computer)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Aggressive OS guesses: Microsoft Windows 10 build 10586 - 14393 (95%), Microsoft Windows Phone 7.5 or 8.0 (94%), Microsoft Windows 10 build 10586 (93%), Microsoft Windows Server 2008 R2 or Windows 8.1 (93%), Microsoft Windows 7 Professional or Windows 8 (93%), Microsoft Windows Vista SP0 or SP1, Windows Server 2008 SP1, or Windows 7 (93%), Microsoft Windows Embedded Standard 7 (93%), Microsoft Windows Vista SP2, Windows 7 SP1, or Windows Server 2008 (93%), Microsoft Windows Server 2008 R2 (91%), Microsoft Windows Server 2008 SP1 (91%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.31 seconds
OS detection tools rely on a lot of data, such as:
- TCP ISN sampling
- TCP options support and ordering
- IP ID sampling
- Window size check…
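To make the IP ID and ISN sampling items above concrete, here is an added example (not part of the original post) that classifies a run of sampled values the way a fingerprinting tool reasons about them, which is also how you can check your own host's replies. The thresholds and function names are illustrative assumptions, and every sample value is constructed.

```python
"""Classify sampled IP ID / TCP ISN sequences (constructed data only)."""
from functools import reduce
from math import gcd


def deltas(samples, bits):
    """Differences between consecutive samples, modulo the field width."""
    mod = 1 << bits
    return [(b - a) % mod for a, b in zip(samples, samples[1:])]


def classify_ipid(samples):
    """Label a run of 16-bit IP ID values (illustrative thresholds)."""
    if len(samples) < 3:
        raise ValueError("need at least 3 samples")
    d = deltas(samples, 16)
    if all(s == 0 for s in samples):
        return "zero"                      # ID field always sent as 0
    if all(x == 0 for x in d):
        return "constant"                  # same non-zero ID every time
    if all(0 < x < 10 for x in d):
        return "incremental"               # global counter, very distinctive
    if all(x % 256 == 0 and x <= 5120 for x in d):
        return "byte-swapped incremental"  # counter sent in host byte order
    return "random"                        # nothing stable to match on


def isn_gcd(samples):
    """GCD of 32-bit ISN deltas; a large value means a fixed-step generator."""
    return reduce(gcd, deltas(samples, 32))


# Constructed samples, one value per probe reply.
COUNTER_IPID = [65533, 65534, 65535, 0, 2, 3]          # wraps at 16 bits
RANDOM_IPID = [40001, 3390, 61968, 18346, 27397, 11929]
FIXED_STEP_ISN = [1000, 65000, 129000, 193000]
RANDOM_ISN = [1059754436, 2712698387, 205837049, 2011369562]

if __name__ == "__main__":
    for name, ids in (("counter", COUNTER_IPID), ("random", RANDOM_IPID)):
        print(f"IP ID {name:8s}: {classify_ipid(ids)}")
    for name, isns in (("fixed", FIXED_STEP_ISN), ("random", RANDOM_ISN)):
        print(f"ISN   {name:8s}: gcd of deltas = {isn_gcd(isns)}")
```

A host whose replies land in the "random" class with an ISN delta GCD of 1 gives these two tests nothing stable to match against.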
But… because we are running OpenBSD and using its powerful firewall, Packet Filter, we can do something about this.