Computers on the network can easily be hackers use tools or other tools to scan for vulnerabilities in the system, and then against the vulnerability.
The Linux system by pretending to hackers, you can set the system to increase the hacker on system analysis difficult, luring their misguided, thereby further enhance the security of computer systems. The following spoke: a case study on RedHatLinux several hackers commonly used ways to explain some of the common Linux system camouflage. For HTTP services by analyzing the Web server type, can generally be inferred from the type of operating system, such as Windows with IIS to provide HTTP services, while Linux is most common in Apac. The default Apache configuration, no information protection mechanisms, and allows directory browsing. Browse through the directory, you can usually obtain similar "Apache/1.3.27Serveratapache.linuxforum.netPort80" or "Apache 2.0.49 (Unix)/PHP/4.3.8" information. By modifying the configuration file parameter, you can set ServerTokens Apache information hidden. However, Apache is running on RedHatLinux compiled programs, tip information is compiled in programs, to hide the information you need to modify the Apache source code, and then recompile the installer to replace the contents inside tip. For example, edit Apache2.0.50 ap_release.h file, modify the "# defineAP_SERVER_BASEPRODUCT\\" Apache\\ "" to "# defineAP_SERVER_BASEPRODUCT\\" Microsoft-IIS/5.0 \\ "". Edit os/unix/os.h file, modify the "# definePLATFORM\\" Unix\\ "" to "# definePLATFORM\\" Win32\\ "". Modify, recompile and install Apace. After the installation is complete, the Apache httpd.conf configuration file, the "ServerTokensFull" to "ServerTokensProd"; "ServerSignatureOn" to "ServerSignatureOff", and then save and exit. Restart Apache, use tools for scanning, Discover tips information already displayed in the Windows operating system. For the FTP service through the FTP service, you can infer the type of operating system, for example, the Windows of the FTP service, while more is Serv-U Linux commonly used vsftpd, proftpd and pureftpd and other software. In proftpd, for example, modify the configuration file proftpd.conf, add the following content: ServerIdenton\\ "Serv-UFTPServerv5.0forWinSockready...\\" filed after the exit, restart proftpd service, log in to modify the message to a test FTP server: C:\\ > ftp192.168.0.1 Connectedto192.168.0.1. 220Serv-UFTPServerv5.0forWinSockready... User(192.168.0.1:(none)): 331Passwordrequiredfor(none). Password: 530Loginincorrect. Loginfailed. Ftp > quit 221Goodbye. so on the surface, the server is running the Windows Serv-U. Return values for TTL can use the ping command to detect a host, depending on the operating system can be inferred that TTL base type. For one without any gateway and routing network, direct ping each other system TTL value, is called the "base" TTL. The network packet through a router, each of the TTL will be minus 1, if the TTL of 0, this packet will be discarded.
No comments:
Post a Comment