Portal Home > Knowledgebase > Articles Database > How to change status of services in NMAP or Zenmap port scanning ?


How to change status of services in NMAP or Zenmap port scanning ?




Posted by troboy, 09-01-2010, 08:48 AM
Hi, Most of people here know about nmap or zenmap utility which is used for server port scanning by hackers. On my laptop, I am using Ubuntu and have installed zenmap. I scanned 127.0.0.1 i.e. my local server. In Ports/Hosts TAB, why it shows ((Ubuntu)) along with Apache http I am also running Webmin so it is showing Webmin on port 10000 Is there any way to change this text ? So that attacker won't be able to recognize which softwares and tools I am running on server. Sometimes on Fedora, it shows the UPTIME of server, Zenmap also shows possibilities of Operating System, whether user is using Win 2003 Server etc. I tested all these things on my local server. So how to protect server against such scanning ? Thanks

Posted by AttackerNET, 09-01-2010, 09:46 AM
Hello You can prevent such activity with strict firewall rule set,IDS and TCP/IP stack hardening. Also you can use security by obscurity methodology such as: changing ports, changing services headers and banners and so on. I suggest you to consult a company specialized in this field or to hire a specialist in this arena. Regards, Last edited by AttackerNET; 09-01-2010 at 09:50 AM.

Posted by Melancholia, 09-01-2010, 10:01 AM
Yeah, no. zen/nmap is a tool used for security auditing. Please get your terminology correct. Scanning localhost won't yield the same results as if you externally scanned your system.

Posted by troboy, 09-01-2010, 11:13 AM
I forgot to upload screenshots Please have a look at my attachments Attached Thumbnails    



Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
lfd: LOCAL RELAY (Views: 633)
Regex validation (Views: 582)