|
|
EnderUNIX İpucuArkadaşıma gönder , Ana Sayfa[ PF ] "OpenBSD PF Scrub ozelligi ve Isletim sistemi saptama araclarini yaniltma" - Huzeyfe Önal - (2006-12-27 08:23:00) [2756] OpenBSD ile birlikte gelen Firewall yazilimi PF'in scrub ozelligi kullanilarak isletim sistemi saptama yazilimlari bir dereceye kadar yaniltilabilir. Basitce scrub RFC'lere uyumlu olmayan paketleri dusurme isini yapiyor(detaylarina bakacak olursaniz cok daha fazlasini yapiyor, basitinden bir NIDS gibi...) man pf.conf'tan... Traffic Normalization (e.g. scrub) Traffic normalization protects internal machines against inconsis- tencies in Internet protocols and implementations. Nasil mi test ederiz? Nmap ve PF kullanarak sonuclari gorebilirsiniz... 1)ilk durumda scrub ozelligi devreye alinmamis bir Firewall ve nmap sonuclari; nokta atisi yapmis gibi sistemi bulabiliyor. # nmap -O 1.2.3.4.90 Starting Nmap 3.95 ( http://www.insecure.org/nmap/ ) at 2006-09-20 12:52 EEST Interesting ports on 1.2.3.4.90: (The 1667 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 53/tcp open domain MAC Address: 00:02:B4:18:8D:24 (Intel) Device type: general purpose Running: OpenBSD 3.X OS details: OpenBSD 3.6 Nmap finished: 1 IP address (1 host up) scanned in 19.866 seconds 2) ikinci durumda scrub ozelligi devreye alinmis bir Firewall'a ayni tarama yapiliyor ve sonuc; # nmap -P0 -O 1.2.3.4.90 Starting Nmap 3.95 ( http://www.insecure.org/nmap/ ) at 2006-09-20 12:54 EEST Insufficient responses for TCP sequencing (0), OS detection may be less accurate Interesting ports on 1.2.3.4.90: (The 1667 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 53/tcp open domain MAC Address: 00:02:B4:18:8D:24 (Intel) Device type: general purpose Running: Novell NetWare 6.X, OpenBSD 3.X OS details: Novell Netware 6 (no service packs), OpenBSD 3.3 x86 with pf "scrub in all", OpenBSD 3.5 or 3.6 Nmap finished: 1 IP address (1 host up) scanned in 25.901 seconds Arkadaşıma gönder , Ana Sayfa |
|