Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
386
Views
0
Helpful
1
Replies

Blocking OS detection

clonenolc
Level 1
Level 1

‎09-07-2007 03:06 AM - edited ‎03-11-2019 04:08 AM

Hello everyone,

Is there a way to protect against operating system detection using Cisco PIX similar to "mangle" feature of IPTables that allows modification of response packets from the server behind the firewall to imitate some other operating system?

If not "mangle", are there any other ways of blocking against this detection type?

Any help would be greatly appreciated.

Thanks.

Clone

Labels:
0 Helpful
1 Reply 1

cpembleton
Level 4
Level 4

‎09-10-2007 06:49 PM

What version code are your running? 6.X or 7.X?

6.X has some application inspection (fixup) that masks banner info but very limited.

7.X has application inspection for some well known ports. You can use regular expressions to match specific traffic and mask out there response.

7.x Application inspection:

http://www.cisco.com/en/US/customer/docs/security/asa/asa72/configuration/guide/inspect.html

Thanks,

Chad

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top