Date: Sat, 4 Sep 2004 13:28:28 -0400 (EDT) From: vxp <vxp@digital-security.org> To: Wesley Shields <wxs@csh.rit.edu> Cc: Colin Alston <karnaugh@karnaugh.za.net> Subject: Re: fooling nmap Message-ID: <20040904132345.A38065@digital-security.org> In-Reply-To: <20040904175028.GA25772@csh.rit.edu> References: <20040904093042.B37306@digital-security.org> <20040904175028.GA25772@csh.rit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Sep 2004, Wesley Shields wrote: > > That is true, but the problem with these kinds of things is that users > will think that with a simple flip of a sysctl they are secure, when in > fact that are no more secure than before. that's also 100% true, however that's why documentation exists. there's even a security section within it.. we would probably want to add something like 'obscurity is great if it's only _one of_ the components in your security setup, not _the only_ component'. they might get the point. =) now, another question arises i could always code a parser for nmap fingerprints file, but i don't think that's a good idea to include something like that in the kernel.. what do you think? hardcode a few OS fingerprint choices, and call it a day ? in other words, what would you guys say be a _proper_ bsd-style thing to do, if this were to be done? --Val
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040904132345.A38065>