From owner-freebsd-security  Fri Jul  6 20:19:55 2001
Delivered-To: freebsd-security@freebsd.org
Received: from smtp4.hushmail.com (smtp4.hushmail.com [64.40.111.32])
	by hub.freebsd.org (Postfix) with ESMTP id A9A2F37B408
	for <security@freebsd.org>; Fri,  6 Jul 2001 20:19:52 -0700 (PDT)
	(envelope-from appleseed@hushmail.com)
Received: from user7.hushmail.com (user7.hushmail.com [64.40.111.47])
	by smtp4.hushmail.com (Postfix) with ESMTP
	id 0FC112F33; Fri,  6 Jul 2001 20:19:24 -0700 (PDT)
Received: (from root@localhost)
	by user7.hushmail.com (8.9.3/8.9.3) id UAA11446;
	Fri, 6 Jul 2001 20:19:23 -0700
From: appleseed@hushmail.com
Message-Id: <200107070319.UAA11446@user7.hushmail.com>
Date: Fri, 6 Jul 2001 20:09:10 -0500 (PDT)
Cc: avalon@coombs.anu.edu.au
To: security@freebsd.org
Mime-version: 1.0
Content-type: multipart/mixed; boundary="Hushpart_boundary_tzHfCvuSGTsVhIivvROvBWCnVvnHQrHw"
Subject: Re: Hiding Versions
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

--Hushpart_boundary_tzHfCvuSGTsVhIivvROvBWCnVvnHQrHw
Content-type: text/plain

>wrong.
Okay, I'm running a gateway A. A receives packets incoming
on the internet interface to port 80 and forwards the request
on the condition that its a proper SYN packet with keep-state
enabled disallowing fragmentation etc.  Verified, the data
is forwarded via NAT to the internal machine B at port X
assumed to be an integer greater than maximum privledge
port and less than maximum allowed TCP port.
-- request --> [ A:80 .nat.->] ---> [B:X .httpd.]
B's firewall rules verify what the router already knows and 
sends back the proper packet. 
I've never had nmap verify the OS of a system based on this
setup. Ever.
With all due respect prove me wrong.
northern_
P.S. I was hoping you would respond the way u did, since, if u
did not we both know i wouldnt be using ipf anymore ;-)

Free, encrypted, secure Web-based email at www.hushmail.com
--Hushpart_boundary_tzHfCvuSGTsVhIivvROvBWCnVvnHQrHw--



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message