[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP Flags question



On Tue, Dec 10, 2002 at 10:27:02PM -0600, James Nobis wrote:
> I use to use S/SA without much of a thought to it and nmap -O happily said I was
> running Openbsd with scrub in all.  Upon changing my rule to a S/SAFPRU you can
> nmap -O till you are blue in the face and nmap is clueless.  I think that a
> decent advantage.  If you are just writing a rule for inbound connections ie a
> webserver and you keep state then S/SAFPRU will make detection of the os
> difficult if not impossible (assuming you block all other ports that aren't
> open.)  It all falls upon how paranoid you are I suppose.
oh wow, a real advantage.
if someone wants to know I'm running OpenBSD he just needs to read our
website.
-- 
Henning Brauer, BS Web Services, http://bsws.de
hb@bsws.de - henning@openbsd.org
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)