From owner-freebsd-net@FreeBSD.ORG Sat Sep 4 15:38:54 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 529D516A4CE for ; Sat, 4 Sep 2004 15:38:54 +0000 (GMT) Received: from ctb-mesg6.saix.net (ctb-mesg6.saix.net [196.25.240.78]) by mx1.FreeBSD.org (Postfix) with ESMTP id E086143D2F for ; Sat, 4 Sep 2004 15:38:53 +0000 (GMT) (envelope-from karnaugh@karnaugh.za.net) Received: from karnaugh.za.net (ndn-ip-nas-1-p186.telkom-ipnet.co.za [155.239.192.186]) by ctb-mesg6.saix.net (Postfix) with ESMTP id EC529173AC; Sat, 4 Sep 2004 17:38:48 +0200 (SAST) Message-ID: <4139E189.5080409@karnaugh.za.net> Date: Sat, 04 Sep 2004 17:38:49 +0200 From: Colin Alston User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: vxp References: <20040904093042.B37306@digital-security.org> <4139DCF0.7070008@karnaugh.za.net> <20040904094619.H37469@digital-security.org> In-Reply-To: <20040904094619.H37469@digital-security.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: fooling nmap X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Sep 2004 15:38:54 -0000 vxp wrote: >pretty much any sort of attack / intrusion attempt begins with information >gathering on the machine. part of that, would be trying to figure out what >OS runs on the machine. the more (accurate) information a potential >attacker can gather on the machine, the more chances that his attempt will >succeed. obviously, even with this change in place, you'd need to do some >other things so as to prevent this for example: > >$ telnet localhost 22 >Trying ::1... >Connected to localhost.digital-security.org >Escape character is '^]'. >SSH-1.99-OpenSSH_3.6.1p1 FreeBSD-20030924 > ^^^^^^^^^ > banners all over need to be changed > >but nevertheless, it'd be a step in the right direction in my opinion > > A great man once said to me "Security by obscurity is, after all, no security at all." This is very much a step in the wrong direction. -- Colin Alston About the use of language: "It is impossible to sharpen a pencil with a blunt axe. It is equally vain to try to do it with ten blunt axes instead." -- E.W.Dijkstra, 18th June 1975. (Perl did not exist at the time.)