<html><head><style id="outgoing-font-settings">#response_container_BBPPID{font-family: initial; font-size:initial; color: initial;}</style></head><body style="background-color: rgb(255, 255, 255); background-image: initial; line-height: initial;"><div id="response_container_BBPPID" style="outline:none;" dir="auto" contenteditable="false"> <div name="BB10" id="BB10_response_div_BBPPID" dir="auto" style="width:100%;"> Have you tried it? </div><div name="BB10" id="BB10_response_div_BBPPID" dir="auto" style="width:100%;">https://securiteam.com/tools/5qp0920ikm/</div> <div name="BB10" id="response_div_spacer_BBPPID" dir="auto" style="width:100%;"> <br style="display:initial"></div><div name="BB10" id="response_div_spacer_BBPPID" dir="auto" style="width:100%;"><span style="font-family: initial; font-size: initial;">I ran the nmap OS detection on my own server once and it triggered SSHGuard, locking me out. So a tip is you may want to run SINFP from a disposable IP address if you are running fail2ban, etc. </span></div> <div id="blackberry_signature_BBPPID" name="BB10" dir="auto"> <div id="_signaturePlaceholder_BBPPID" name="BB10" dir="auto"></div> </div></div><div id="_original_msg_header_BBPPID" dir="auto"> <table width="100%" style="border-spacing: 0px; display: table; outline: none;" contenteditable="false"><tbody><tr><td colspan="2" style="padding: initial; font-size: initial; text-align: initial;"> <div style="border-right: none; border-bottom: none; border-left: none; border-image: initial; border-top: 1pt solid rgb(181, 196, 223); padding: 3pt 0in 0in; font-family: Tahoma, "BB Alpha Sans", "Slate Pro"; font-size: 10pt;"> <div id="from"><b>From:</b> praveenssit@gmail.com</div><div id="sent"><b>Sent:</b> April 27, 2020 10:54 PM</div><div id="to"><b>To:</b> nginx@nginx.org</div><div id="reply_to"><b>Reply-to:</b> nginx@nginx.org</div><div id="subject"><b>Subject:</b> Re: How to hide kernel information</div></div></td></tr></tbody></table> <br> </div><!--start of _originalContent --><div name="BB10" dir="auto" style="background-image: initial; line-height: initial; outline: none;" contenteditable="false"><div dir="ltr">SINFP method is used to get the kernel information.<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Apr 28, 2020 at 11:10 AM lists <<a href="mailto:lists@lazygranch.com">lists@lazygranch.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb( 204 , 204 , 204 );padding-left:1ex"><div style="background-color:rgb( 255 , 255 , 255 )"><div id="gmail-m_-479715111517355810response_container_BBPPID" style="outline:none medium" dir="auto"> <div id="gmail-m_-479715111517355810BB10_response_div_BBPPID" dir="auto" style="width:100%"> Well I know nmap can detect the OS. I don't recall it could detect the rev of the kernel. </div><div id="gmail-m_-479715111517355810BB10_response_div_BBPPID" dir="auto" style="width:100%"><br></div><div id="gmail-m_-479715111517355810BB10_response_div_BBPPID" dir="auto" style="width:100%"><a href="https://nmap.org/book/man-os-detection.html">https://nmap.org/book/man-os-detection.html</a></div><div id="gmail-m_-479715111517355810BB10_response_div_BBPPID" dir="auto" style="width:100%"><br></div><div id="gmail-m_-479715111517355810BB10_response_div_BBPPID" dir="auto" style="width:100%"><a href="https://nmap.org/book/defenses.html">https://nmap.org/book/defenses.html</a></div> <div id="gmail-m_-479715111517355810response_div_spacer_BBPPID" dir="auto" style="width:100%"> <br></div> <div id="gmail-m_-479715111517355810blackberry_signature_BBPPID" dir="auto"> <div id="gmail-m_-479715111517355810_signaturePlaceholder_BBPPID" dir="auto"></div> </div></div><div id="gmail-m_-479715111517355810_original_msg_header_BBPPID" dir="auto"> <table id="gmail-m_-479715111517355810_pHCWrapper_BBPPID" style="border-spacing:0px;display:table;outline:none medium" width="100%"><tbody><tr><td colspan="2"> <div style="border-color:rgb( 181 , 196 , 223 );border-style:solid none none;border-width:1pt medium medium;padding:3pt 0in 0in;font-family:'tahoma' , 'bb alpha sans' , 'slate pro';font-size:10pt"> <div id="gmail-m_-479715111517355810from"><b>From:</b> <a href="mailto:praveenssit@gmail.com">praveenssit@gmail.com</a></div><div id="gmail-m_-479715111517355810sent"><b>Sent:</b> April 27, 2020 9:41 PM</div><div id="gmail-m_-479715111517355810to"><b>To:</b> <a href="mailto:nginx@nginx.org">nginx@nginx.org</a></div><div id="gmail-m_-479715111517355810reply_to"><b>Reply-to:</b> <a href="mailto:nginx@nginx.org">nginx@nginx.org</a></div><div id="gmail-m_-479715111517355810subject"><b>Subject:</b> How to hide kernel information</div></div></td></tr></tbody></table> <br> </div><div dir="auto" style="outline:none medium"><div dir="ltr"><div>Hello,</div><div><br></div><div>I have hosted Nginx 1.16.1 on Ubuntu 16.04. Have configured SSL from LetsEncrypt. Everything is running fine. Only port 80 and 443 are allowed.<br></div><div><br></div><div>During security testing, I see that kernel information is exposed on domain. More details at <a href="https://www.tenable.com/plugins/nessus/11936">https://www.tenable.com/plugins/nessus/11936</a></div><div><br></div><div>Is there any way to hide kernel information using Nginx ?</div><div><br></div><div>Cheers,</div><div>PK<br></div></div>
</div></div>_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/mailman/listinfo/nginx</a></blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature"><font style="font-family:'courier new' , monospace" size="1"><b style="color:rgb( 102 , 102 , 102 )">Regards,<br><br></b></font><div style="color:rgb( 102 , 102 , 102 )"><font size="1"><b><font face="'comic sans ms', sans-serif"><font style="font-family:'courier new' , monospace" size="1">K S Praveen Kumar<br>M: <a href="tel:+919986855625">+91-9986855625</a></font><br></font></b></font></div></div>
<!--end of _originalContent --></div></body></html>