Limiting Administration by OS
This is the third and probably last of my ramblings on the subject of locking down a machines potential attack footprint by mass filtering. While I’ve already mentioned blocking certain ports to entire countries (mostly to stop SPAM) and only allowing access to other ports to geographically local IPs (to stop attacks on critical services like SSH for admins) it is also worth mentioning OS detection.
Certain products and operating systems, such as P0F, OpenBSD’s PF etc, can detect what operating system someone is trying to connect with.
Read on →