Welcome! Log In Create A New Profile

Advanced

Re: How to hide kernel information

April 28, 2020 09:32AM
The test is GUESSing, it's written there in the link you posted. What are
your HTTP headers - what do you expose there? Do you expose your nginx
version to clients? Like in headers? Error pages? From those, it's possible
determine used OS and then guess kernel information. Is your app leaking
this info, is simle HTML page "leaking" it too?

In normal conditions, nginx does not expose such information - why would
it?. Post your config, or something to work with maybe. Once you say, 80
and 443, then only 443, also you say "I see that kernel information is
exposed on domain" - where do you see that? Show us, and help us better
understand...

My guess, is: its guessing from some header or error page, where there is
info like:
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.25

in headers, for example.

P.

On Tue, Apr 28, 2020 at 3:16 PM Praveen Kumar K S <praveenssit@gmail.com>
wrote:

> Okay. I exactly don't know how the Security Testing Team is able to get
> the kernel information. They use Qualys and Nessus for performing tests.
> All I can say is only port 443 allowed to the server and I thought asking
> you guys if it is from Nginx or is there any way to handle it. Server is
> behind firewall.
>
> On Tue, Apr 28, 2020 at 11:49 AM lists <lists@lazygranch.com> wrote:
>
>> Have you tried it?
>> https://securiteam.com/tools/5qp0920ikm/
>>
>> I ran the nmap OS detection on my own server once and it triggered
>> SSHGuard, locking me out. So a tip is you may want to run SINFP from a
>> disposable IP address if you are running fail2ban, etc.
>> *From:* praveenssit@gmail.com
>> *Sent:* April 27, 2020 10:54 PM
>> *To:* nginx@nginx.org
>> *Reply-to:* nginx@nginx.org
>> *Subject:* Re: How to hide kernel information
>>
>> SINFP method is used to get the kernel information.
>>
>> On Tue, Apr 28, 2020 at 11:10 AM lists <lists@lazygranch.com> wrote:
>>
>>> Well I know nmap can detect the OS. I don't recall it could detect the
>>> rev of the kernel.
>>>
>>> https://nmap.org/book/man-os-detection.html
>>>
>>> https://nmap.org/book/defenses.html
>>>
>>> *From:* praveenssit@gmail.com
>>> *Sent:* April 27, 2020 9:41 PM
>>> *To:* nginx@nginx.org
>>> *Reply-to:* nginx@nginx.org
>>> *Subject:* How to hide kernel information
>>>
>>> Hello,
>>>
>>> I have hosted Nginx 1.16.1 on Ubuntu 16.04. Have configured SSL from
>>> LetsEncrypt. Everything is running fine. Only port 80 and 443 are allowed.
>>>
>>> During security testing, I see that kernel information is exposed on
>>> domain. More details at https://www.tenable.com/plugins/nessus/11936
>>>
>>> Is there any way to hide kernel information using Nginx ?
>>>
>>> Cheers,
>>> PK
>>> _______________________________________________
>>> nginx mailing list
>>> nginx@nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>>
>>
>> --
>>
>>
>> *Regards,*
>>
>>
>> *K S Praveen KumarM: +91-9986855625 <+919986855625>*
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> --
>
>
> *Regards,*
>
>
> *K S Praveen KumarM: +91-9986855625 *
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

How to hide kernel information

Praveen Kumar K S April 28, 2020 12:42AM

Re: How to hide kernel information

gariac April 28, 2020 01:42AM

Re: How to hide kernel information

Praveen Kumar K S April 28, 2020 01:56AM

Re: How to hide kernel information

Praveen Kumar K S April 28, 2020 09:18AM

Re: How to hide kernel information

jvybihal April 28, 2020 09:32AM

Re: How to hide kernel information

J.R. April 28, 2020 11:18AM

Re: How to hide kernel information

Praveen Kumar K S April 28, 2020 11:36AM

Re: How to hide kernel information

gariac April 28, 2020 04:46PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 88
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready