How to hide kernel information

Josef Vybíhal josef.vybihal at gmail.com
Tue Apr 28 13:30:41 UTC 2020


The test is GUESSing, it's written there in the link you posted. What are
your HTTP headers - what do you expose there? Do you expose your nginx
version to clients? Like in headers? Error pages? From those, it's possible
determine used OS and then guess kernel information. Is your app leaking
this info, is simle HTML page "leaking" it too?

In normal conditions, nginx does not expose such information - why would
it?. Post your config, or something to work with maybe. Once you say, 80
and 443, then only 443, also you say "I see that kernel information is
exposed on domain" - where do you see that? Show us, and help us better
understand...

My guess, is: its guessing from some header or error page, where there is
info like:
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.25

in headers, for example.

P.

On Tue, Apr 28, 2020 at 3:16 PM Praveen Kumar K S <praveenssit at gmail.com>
wrote:

> Okay. I exactly don't know how the Security Testing Team is able to get
> the kernel information. They use Qualys and Nessus for performing tests.
> All I can say is only port 443 allowed to the server and I thought asking
> you guys if it is from Nginx or is there any way to handle it. Server is
> behind firewall.
>
> On Tue, Apr 28, 2020 at 11:49 AM lists <lists at lazygranch.com> wrote:
>
>> Have you tried it?
>> https://securiteam.com/tools/5qp0920ikm/
>>
>> I ran the nmap OS detection on my own server once and it triggered
>> SSHGuard, locking me out. So a tip is you may want to run SINFP from a
>> disposable IP address if you are running fail2ban, etc.
>> *From:* praveenssit at gmail.com
>> *Sent:* April 27, 2020 10:54 PM
>> *To:* nginx at nginx.org
>> *Reply-to:* nginx at nginx.org
>> *Subject:* Re: How to hide kernel information
>>
>> SINFP method is used to get the kernel information.
>>
>> On Tue, Apr 28, 2020 at 11:10 AM lists <lists at lazygranch.com> wrote:
>>
>>> Well I know nmap can detect the OS. I don't recall it could detect the
>>> rev of the kernel.
>>>
>>> https://nmap.org/book/man-os-detection.html
>>>
>>> https://nmap.org/book/defenses.html
>>>
>>> *From:* praveenssit at gmail.com
>>> *Sent:* April 27, 2020 9:41 PM
>>> *To:* nginx at nginx.org
>>> *Reply-to:* nginx at nginx.org
>>> *Subject:* How to hide kernel information
>>>
>>> Hello,
>>>
>>> I have hosted Nginx 1.16.1 on Ubuntu 16.04. Have configured SSL from
>>> LetsEncrypt. Everything is running fine. Only port 80 and 443 are allowed.
>>>
>>> During security testing, I see that kernel information is exposed on
>>> domain. More details at https://www.tenable.com/plugins/nessus/11936
>>>
>>> Is there any way to hide kernel information using Nginx ?
>>>
>>> Cheers,
>>> PK
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>>
>>
>> --
>>
>>
>> *Regards,*
>>
>>
>> *K S Praveen KumarM: +91-9986855625 <+919986855625>*
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> --
>
>
> *Regards,*
>
>
> *K S Praveen KumarM: +91-9986855625 *
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20200428/2f1b5ad6/attachment.htm>


More information about the nginx mailing list