The test is GUESSing, it's written there in the link you posted. What are
your HTTP headers - what do you expose there? Do you expose your nginx
version to clients? Like in headers? Error pages? From those, it's possible
determine used OS and then guess kernel information. Is your app leaking
this info, is simle HTML page "leaking" it too?
In normal conditions, nginx does not expose such information - why would
it?. Post your config, or something to work with maybe. Once you say, 80
and 443, then only 443, also you say "I see that kernel information is
exposed on domain" - where do you see that? Show us, and help us better
understand...
My guess, is: its guessing from some header or error page, where there is
info like:
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.25
in headers, for example.
P.
On Tue, Apr 28, 2020 at 3:16 PM Praveen Kumar K S <praveenssit@gmail.com>
wrote:
> Okay. I exactly don't know how the Security Testing Team is able to get
> the kernel information. They use Qualys and Nessus for performing tests.
> All I can say is only port 443 allowed to the server and I thought asking
> you guys if it is from Nginx or is there any way to handle it. Server is
> behind firewall.
>
> On Tue, Apr 28, 2020 at 11:49 AM lists <lists@lazygranch.com> wrote:
>
>> Have you tried it?
>> https://securiteam.com/tools/5qp0920ikm/
>>
>> I ran the nmap OS detection on my own server once and it triggered
>> SSHGuard, locking me out. So a tip is you may want to run SINFP from a
>> disposable IP address if you are running fail2ban, etc.
>> *From:* praveenssit@gmail.com
>> *Sent:* April 27, 2020 10:54 PM
>> *To:* nginx@nginx.org
>> *Reply-to:* nginx@nginx.org
>> *Subject:* Re: How to hide kernel information
>>
>> SINFP method is used to get the kernel information.
>>
>> On Tue, Apr 28, 2020 at 11:10 AM lists <lists@lazygranch.com> wrote:
>>
>>> Well I know nmap can detect the OS. I don't recall it could detect the
>>> rev of the kernel.
>>>
>>> https://nmap.org/book/man-os-detection.html
>>>
>>> https://nmap.org/book/defenses.html
>>>
>>> *From:* praveenssit@gmail.com
>>> *Sent:* April 27, 2020 9:41 PM
>>> *To:* nginx@nginx.org
>>> *Reply-to:* nginx@nginx.org
>>> *Subject:* How to hide kernel information
>>>
>>> Hello,
>>>
>>> I have hosted Nginx 1.16.1 on Ubuntu 16.04. Have configured SSL from
>>> LetsEncrypt. Everything is running fine. Only port 80 and 443 are allowed.
>>>
>>> During security testing, I see that kernel information is exposed on
>>> domain. More details at https://www.tenable.com/plugins/nessus/11936
>>>
>>> Is there any way to hide kernel information using Nginx ?
>>>
>>> Cheers,
>>> PK
>>> _______________________________________________
>>> nginx mailing list
>>> nginx@nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>>
>>
>> --
>>
>>
>> *Regards,*
>>
>>
>> *K S Praveen KumarM: +91-9986855625 <+919986855625>*
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> --
>
>
> *Regards,*
>
>
> *K S Praveen KumarM: +91-9986855625 *
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
