How to hide kernel information
Praveen Kumar K S
praveenssit at gmail.com
Tue Apr 28 13:15:51 UTC 2020
Okay. I exactly don't know how the Security Testing Team is able to get the
kernel information. They use Qualys and Nessus for performing tests. All I
can say is only port 443 allowed to the server and I thought asking you
guys if it is from Nginx or is there any way to handle it. Server is behind
On Tue, Apr 28, 2020 at 11:49 AM lists <lists at lazygranch.com> wrote:
> Have you tried it?
> I ran the nmap OS detection on my own server once and it triggered
> SSHGuard, locking me out. So a tip is you may want to run SINFP from a
> disposable IP address if you are running fail2ban, etc.
> *From:* praveenssit at gmail.com
> *Sent:* April 27, 2020 10:54 PM
> *To:* nginx at nginx.org
> *Reply-to:* nginx at nginx.org
> *Subject:* Re: How to hide kernel information
> SINFP method is used to get the kernel information.
> On Tue, Apr 28, 2020 at 11:10 AM lists <lists at lazygranch.com> wrote:
>> Well I know nmap can detect the OS. I don't recall it could detect the
>> rev of the kernel.
>> *From:* praveenssit at gmail.com
>> *Sent:* April 27, 2020 9:41 PM
>> *To:* nginx at nginx.org
>> *Reply-to:* nginx at nginx.org
>> *Subject:* How to hide kernel information
>> I have hosted Nginx 1.16.1 on Ubuntu 16.04. Have configured SSL from
>> LetsEncrypt. Everything is running fine. Only port 80 and 443 are allowed.
>> During security testing, I see that kernel information is exposed on
>> domain. More details at https://www.tenable.com/plugins/nessus/11936
>> Is there any way to hide kernel information using Nginx ?
>> nginx mailing list
>> nginx at nginx.org
> *K S Praveen KumarM: +91-9986855625 <+919986855625>*
> nginx mailing list
> nginx at nginx.org
*K S Praveen KumarM: +91-9986855625 *
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx