How to hide kernel information
J.R.
themadbeaker at gmail.com
Tue Apr 28 15:17:13 UTC 2020
> Okay. I exactly don't know how the Security Testing Team is able to get the
> kernel information. They use Qualys and Nessus for performing tests. All I
> can say is only port 443 allowed to the server and I thought asking you
> guys if it is from Nginx or is there any way to handle it. Server is behind
> firewall.
As someone else commented, check your HTTP headers to make sure they
aren't publishing something extremely obvious for the casual scanner.
As for determining kernel version, the web server has zero control
over that. The scanner program you are referring to fingerprints based
on kernel TCP settings / support... i.e. TCP Flags, Window, Options,
MSS, etc... Totally unrelated to nginx, and the same information
could be gathered on any open service / port.
More information about the nginx
mailing list