Dear members,
I'm facing an obfuscation issue with the out-of-the-box VPN Server on a Win10 box.
As you can see from the scan below the port 443/tcp is open with the Versione detail "Softether."
In order to keep the service secrecy as high as possible we would like to hide the Softether detail from the scan.
Anyone of you had the same issue and have found a fix?
nmap -p 443 -T4 -A -v HOST
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-13 20:07 W. Europe
Scanning HOST (X.X.X.X) [1000 ports]
Discovered open port 443/tcp on X.X.X.X
Completed SYN Stealth Scan at 20:07, 4.86s elapsed (1000 total ports)
PORT STATE SERVICE VERSION
443/tcp open ssl/http SoftEther VPN httpd
| http-methods:
|_ Supported Methods: GET HEAD POST
| ssl-cert:
Thanks in advance for any help.
[REQ] nmap OS guessing hide and service hide
-
- Posts: 1
- Joined: Mon Apr 13, 2020 3:26 pm
-
- Posts: 47
- Joined: Tue Mar 14, 2017 9:38 am
Re: [REQ] nmap OS guessing hide and service hide
hi, found your post while searching on the same issue. im on Linux Ubuntu, but i think the way should be the same(hopefully) -
1) shutdown server
2) go inside the installation folder and create this sub folder /hamcore/wwwroot/
3) go inside the folder /hamcore/wwwroot/ and create your own index.html file
4) start server and test
i do a before after test with nmap and after applying the above method, it will not show info for softether. but do note, in the original html file, there should be a 'magic string' for connecting the server manager. i tested and everything seems to work on my side even thou i create a dummy html file. but you are advice to test everything before making it live
there is also a value you can adjust to disable ppl from accessing the webpage - 'You don't have permission to access / on this server'. it is inside the config file - DisableJsonRpcWebApi
p/s -thou it is not showing the info on nmap, but there are still other things they could catch like softether ddns :( and also dpi would show softether fingerprint. or port or traffic shaping. but at least it dont look that obvious. will keep trying more method to keep it 'safe'
good luck,
1) shutdown server
2) go inside the installation folder and create this sub folder /hamcore/wwwroot/
3) go inside the folder /hamcore/wwwroot/ and create your own index.html file
4) start server and test
i do a before after test with nmap and after applying the above method, it will not show info for softether. but do note, in the original html file, there should be a 'magic string' for connecting the server manager. i tested and everything seems to work on my side even thou i create a dummy html file. but you are advice to test everything before making it live
there is also a value you can adjust to disable ppl from accessing the webpage - 'You don't have permission to access / on this server'. it is inside the config file - DisableJsonRpcWebApi
p/s -thou it is not showing the info on nmap, but there are still other things they could catch like softether ddns :( and also dpi would show softether fingerprint. or port or traffic shaping. but at least it dont look that obvious. will keep trying more method to keep it 'safe'
good luck,