RE: Scanning OpenBSD with NMAP - mysterious Results ???

[John Verne <john.verne@mks.com>]

> in the company i work, our security consultant told me 
> OpenBSD would be the
> most secure OS available ....
> I´m quite new on OpenBSD but are very familiare with Linux.
> Because i wanted to test, i scanned one of our OpenBSD boxes using
> nmap -v -sS -O -P0
> and got a very mysterious Result :
> 
> NMAP says : Difficulty 25374 (Worthly Challenge)
> 
> ??????????????
> 
I'm assuming that the "????" stuff is edited output.

Ok, so you are doing a port scan and a fingerprint of the remote OS.  nmap
is reporting that it thinks it can figure out by querying the TCP/IP stack.

This is not a measure of "security", but more a way of finding out what
"others" can find out about you.  The right kind of information could be
used against you (by matching vulnerabilities against your OS).

In my case, a hacker will have trouble assuming that I'm a "Acorn RiscOS 3.7
using AcornNet TCP/IP stack, FreeBSD 2.2.1 - 3.2" unless he/she really knows
their stuff.

I suggest you visit insecure.org for a discussion of nmap's fingerprinting
technique to see what it is about your box that reports this number.  I
imagine you can do stuff to get that number up.  At any rate, it is a
guideline only, and varies widely from OS release and install.

jdv