Date: Wed, 6 Oct 1999 11:48:46 -0700 (PDT)
From: Doug White
To: Kenneth Culver
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: nmap

On Tue, 5 Oct 1999, Kenneth Culver wrote:

> I was just wondering, it seems that (at least nmap thinks so) that
> freebsd's security is not as good as linux. here is an nmap output from a
> linux box on the local LAN (using nmap -sF -O hostname):

Based on the number of ports located, I would give the opposite analysis.
If you're using this metric:

> TCP Sequence Prediction: Class=random positive increments
> Difficulty=1865858 (Good luck!)

Versus:

> TCP Sequence Prediction: Class=random positive increments
> Difficulty=31411 (Worthy challenge)

It's entirely bogus. Differences in the random numbers generated affect
the difficulty greatly. The algorithm used is more interesting. Try
running this against an OpenBSD box.

> Remote operating system guess: Linux 2.1.122 - 2.2.12

These strings are hardcoded into the app, so no wonder it doesn't
differentiate between 3.X and 4.X boxen; they should come up with the same
identity anyway.

Lesson: Don't depend on the output of one simple app for an entire
security analysis. It's only one tool.

Doug White                | FreeBSD: The Power to Serve
dwhite@resnet.uoregon.edu | www.FreeBSD.org