How to hide kernel information

Praveen Kumar K S praveenssit at gmail.com
Tue Apr 28 15:33:55 UTC 2020


Thank you for your support. I will take all your inputs into consideration
to fix this issue.

On Tue, Apr 28, 2020 at 8:47 PM J.R. <themadbeaker at gmail.com> wrote:

> > Okay. I exactly don't know how the Security Testing Team is able to get
> the
> > kernel information. They use Qualys and Nessus for performing tests. All
> I
> > can say is only port 443 allowed to the server and I thought asking you
> > guys if it is from Nginx or is there any way to handle it. Server is
> behind
> > firewall.
>
> As someone else commented, check your HTTP headers to make sure they
> aren't publishing something extremely obvious for the casual scanner.
>
> As for determining kernel version, the web server has zero control
> over that. The scanner program you are referring to fingerprints based
> on kernel TCP settings / support... i.e. TCP Flags, Window, Options,
> MSS, etc...  Totally unrelated to nginx, and the same information
> could be gathered on any open service / port.
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>


-- 


*Regards,*


*K S Praveen KumarM: +91-9986855625 *
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20200428/f628d1b0/attachment.htm>


More information about the nginx mailing list