[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Scanning OpenBSD with NMAP - mysterious Results ???
> in the company i work, our security consultant told me
> OpenBSD would be the
> most secure OS available ....
> I´m quite new on OpenBSD but are very familiare with Linux.
> Because i wanted to test, i scanned one of our OpenBSD boxes using
> nmap -v -sS -O -P0
> and got a very mysterious Result :
> NMAP says : Difficulty 25374 (Worthly Challenge)
I'm assuming that the "????" stuff is edited output.
Ok, so you are doing a port scan and a fingerprint of the remote OS. nmap
is reporting that it thinks it can figure out by querying the TCP/IP stack.
This is not a measure of "security", but more a way of finding out what
"others" can find out about you. The right kind of information could be
used against you (by matching vulnerabilities against your OS).
In my case, a hacker will have trouble assuming that I'm a "Acorn RiscOS 3.7
using AcornNet TCP/IP stack, FreeBSD 2.2.1 - 3.2" unless he/she really knows
I suggest you visit insecure.org for a discussion of nmap's fingerprinting
technique to see what it is about your box that reports this number. I
imagine you can do stuff to get that number up. At any rate, it is a
guideline only, and varies widely from OS release and install.