Hello, welcome to the Friday, April 10th, 2020 edition of the Sandstone at Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Today we have a quick diary by Manuel about how to spoof OS fingerprints.

Now, NMAP, of course, always had the ability

to pretty accurately identify operating systems,

and it had a well-established database

of different operating system fingerprints.

A system under an attacker's control

can of course fake the response responses it's sending back.

And Manuel is introducing here a quick tool called OSFooler NG that's able to impersonate different operating systems.

Pretty neat little tool to play around with and learn more about how these subtle

difference in particular in TCP can be used to identify an operating system. And with everybody

still working from home, it's of course really important that you do have robust remote access

to your systems. One way to achieve this is the Dell IDRAG cards.

These are plugin boards that give you full access to power the console over IP networks,

and well, hopefully not over the internet.

Because Dell just released an update for the ID rack cards from version 7 through 9 that

fixes an unauthenticated buffer overflow vulnerabilities in these systems.

So an attacker could use this vulnerability to effectively take over the ID rack card and of course once they

have access to that they essentially do have a console access like physical access to the

affected system now as part of the advisory del does reiterate that you should connect these cards only to a separate management network.

So definitely be very careful about how you deploy them and they should never, ever be

...