Portal Home > Knowledgebase > Articles Database > How to change status of services in NMAP or Zenmap port scanning ?
How to change status of services in NMAP or Zenmap port scanning ?
Posted by troboy, 09-01-2010, 08:48 AM |
Hi,
Most of people here know about nmap or zenmap utility which is used for server port scanning by hackers.
On my laptop, I am using Ubuntu and have installed zenmap.
I scanned 127.0.0.1 i.e. my local server.
In Ports/Hosts TAB, why it shows ((Ubuntu)) along with Apache http
I am also running Webmin so it is showing Webmin on port 10000
Is there any way to change this text ? So that attacker won't be able to recognize which softwares and tools I am running on server.
Sometimes on Fedora, it shows the UPTIME of server, Zenmap also shows possibilities of Operating System, whether user is using Win 2003 Server etc.
I tested all these things on my local server.
So how to protect server against such scanning ?
Thanks
|
Posted by AttackerNET, 09-01-2010, 09:46 AM |
Hello
You can prevent such activity with strict firewall rule set,IDS and TCP/IP stack hardening. Also you can use security by obscurity methodology such as: changing ports, changing services headers and banners and so on.
I suggest you to consult a company specialized in this field or to hire a specialist in this arena.
Regards,
Last edited by AttackerNET; 09-01-2010 at 09:50 AM.
|
Posted by Melancholia, 09-01-2010, 10:01 AM |
Yeah, no.
zen/nmap is a tool used for security auditing. Please get your terminology correct.
Scanning localhost won't yield the same results as if you externally scanned your system.
|
Posted by troboy, 09-01-2010, 11:13 AM |
I forgot to upload screenshots
Please have a look at my attachments
Attached Thumbnails
|
Add to Favourites Print this Article
Also Read