Date: Sat, 4 Sep 2004 20:50:19 -0400 From: Barney Wolff <barney@databus.com> To: vxp <vxp@digital-security.org> Cc: Wesley Shields <wxs@csh.rit.edu> Subject: Re: fooling nmap Message-ID: <20040905005019.GA72836@pit.databus.com> In-Reply-To: <20040904132345.A38065@digital-security.org> References: <20040904093042.B37306@digital-security.org> <20040904175028.GA25772@csh.rit.edu> <20040904132345.A38065@digital-security.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 04, 2004 at 01:28:28PM -0400, vxp wrote: > > in other words, what would you guys say be a _proper_ bsd-style thing to > do, if this were to be done? Nothing. If you want to pollute your kernel with nonsense of this sort, go right ahead, but leave mine alone. Adding frills detracts from security, even when they're only enabled by compile-time switches. The netinet code is already a challenge to follow or keep in mind all at once. Anything that makes the problem worse without a really big payoff is insane. Aside from the above, nmap is a moving target, and is not the only OS fingerprinter around. Getting into spy-vs-spy with Fyodor is a waste of time. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040905005019.GA72836>