Quote:
| Originally Posted by kuki9591: Thanks for the response, NTP is already closed on the firewalls, the pentesters ran the scan on the same subnets as the servers. |
You mean they came in, ran a standard automated test suite, handed over the output and charged a fortune?
You have to question the validity of the test to your own circumstances. There is usually a lot of other traffic floating around a typical subnet announcing the Windows servers to anyone able to drive Ethereal.
Quote:
|
Google used to be my friend until this little gem came along.
|
As far as I know, there is no way to change the reply from the time service on Windows servers, which is what the security experts mean when they say:
Quote:
|
technical information that would be of use to an attacker in fingerprinting the Operating System on the server.
|
The choice seems to be:
1. Accept that any host able to query the time service can discover it is a Windows server.
2. Completely replace the time synchronisation infrastructure across the Active Directory domain.