[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TCP Flags question
On Tue, Dec 10, 2002 at 10:27:02PM -0600, James Nobis wrote:
> I use to use S/SA without much of a thought to it and nmap -O happily said I was
> running Openbsd with scrub in all. Upon changing my rule to a S/SAFPRU you can
> nmap -O till you are blue in the face and nmap is clueless. I think that a
> decent advantage. If you are just writing a rule for inbound connections ie a
> webserver and you keep state then S/SAFPRU will make detection of the os
> difficult if not impossible (assuming you block all other ports that aren't
> open.) It all falls upon how paranoid you are I suppose.
oh wow, a real advantage.
if someone wants to know I'm running OpenBSD he just needs to read our
Henning Brauer, BS Web Services, http://bsws.de
email@example.com - firstname.lastname@example.org
Unix is very simple, but it takes a genius to understand the simplicity.