[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Scanning OpenBSD with NMAP - mysterious Results ???

To: John Verne <john.verne@mks.com>
Subject: RE: Scanning OpenBSD with NMAP - mysterious Results ???
From: "Joseph W. Shaw II" <mrman@darkside.org>
Date: Thu, 31 May 2001 13:06:47 -0500 (CDT)
Cc: "'Johann Steigenberger'" <office@admins.ws>, tech@openbsd.org

On Thu, 31 May 2001, John Verne wrote:

> > NMAP says : Difficulty 25374 (Worthly Challenge)
> 
> Ok, so you are doing a port scan and a fingerprint of the remote OS.  nmap
> is reporting that it thinks it can figure out by querying the TCP/IP stack.
> 
> This is not a measure of "security", but more a way of finding out what
> "others" can find out about you.  The right kind of information could be
> used against you (by matching vulnerabilities against your OS).

TCP sequence number predictability most certainly is a measure of an
operating system's security.  The harder they are to predict, the
better off you are from spoofing attacks.  Just ask Shimomura.  However,
anything pre-2.9 is sub-par for the new method of TCP sequence
predictability.  I'm unsure if the latest nmap now supports the new
method.

Regards,
--
Joseph

Follow-Ups:
- Re: Scanning OpenBSD with NMAP - mysterious Results ???
  - From: Sebastian Stark <seb@todesplanet.de>

References:
- RE: Scanning OpenBSD with NMAP - mysterious Results ???
  - From: John Verne <john.verne@mks.com>

Prev by Date: Re: ipf & gcc
Next by Date: Re: passive/active ftp
Prev by thread: Re: Scanning OpenBSD with NMAP - mysterious Results ???
Next by thread: Re: Scanning OpenBSD with NMAP - mysterious Results ???
Index(es):
- Date
- Thread