[REQ] nmap OS guessing hide and service hide

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
eldorado666
Posts: 1
Joined: Mon Apr 13, 2020 3:26 pm

[REQ] nmap OS guessing hide and service hide

Post by eldorado666 » Sat May 16, 2020 7:44 am

Dear members,
I'm facing an obfuscation issue with the out-of-the-box VPN Server on a Win10 box.
As you can see from the scan below the port 443/tcp is open with the Versione detail "Softether."
In order to keep the service secrecy as high as possible we would like to hide the Softether detail from the scan.
Anyone of you had the same issue and have found a fix?

nmap -p 443 -T4 -A -v HOST
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-13 20:07 W. Europe
Scanning HOST (X.X.X.X) [1000 ports]
Discovered open port 443/tcp on X.X.X.X
Completed SYN Stealth Scan at 20:07, 4.86s elapsed (1000 total ports)
PORT STATE SERVICE VERSION
443/tcp open ssl/http SoftEther VPN httpd
| http-methods:
|_ Supported Methods: GET HEAD POST
| ssl-cert:


Thanks in advance for any help.

aboka
Posts: 47
Joined: Tue Mar 14, 2017 9:38 am

Re: [REQ] nmap OS guessing hide and service hide

Post by aboka » Wed Jul 01, 2020 9:29 am

hi, found your post while searching on the same issue. im on Linux Ubuntu, but i think the way should be the same(hopefully) -

1) shutdown server

2) go inside the installation folder and create this sub folder /hamcore/wwwroot/

3) go inside the folder /hamcore/wwwroot/ and create your own index.html file

4) start server and test

i do a before after test with nmap and after applying the above method, it will not show info for softether. but do note, in the original html file, there should be a 'magic string' for connecting the server manager. i tested and everything seems to work on my side even thou i create a dummy html file. but you are advice to test everything before making it live

there is also a value you can adjust to disable ppl from accessing the webpage - 'You don't have permission to access / on this server'. it is inside the config file - DisableJsonRpcWebApi

p/s -thou it is not showing the info on nmap, but there are still other things they could catch like softether ddns :( and also dpi would show softether fingerprint. or port or traffic shaping. but at least it dont look that obvious. will keep trying more method to keep it 'safe'

good luck,

Post Reply