Date: Sat, 4 Sep 2004 13:53:54 -0400 (EDT) From: vxp <vxp@digital-security.org> To: Colin Alston <karnaugh@karnaugh.za.net> Cc: Wesley Shields <wxs@csh.rit.edu> Subject: Re: fooling nmap Message-ID: <20040904135129.L38122@digital-security.org> In-Reply-To: <413A15DB.5010702@karnaugh.za.net> References: <20040904093042.B37306@digital-security.org> <20040904175028.GA25772@csh.rit.edu> <413A15DB.5010702@karnaugh.za.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Sep 2004, Colin Alston wrote: > My point was if it provides no security, then there is no point to it at > all. oh, but it does. it prevents them from gathering accurate information about your system. that's an extremely important part of the attack. > Most attackers are going to exploit things at a service level > anyway. What is the point of changing the fingerprint? ok, say your apache is vulnerable to whatever. an exploit for that apache under linux is one thing, under freebsd is another, under windows another, etc. the 'service level' won't work, if you got the OS wrong. there's very very few cross-platform vulnerabilities that share the _same_ exploit code on _all_ platforms. actually, there's not a 'few'. there's none. > Change it to > Windows and attract more attension? Or just so that people attempt the > wrong attacks. wrong attacks, yes. wrong attacks = no intrusion.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040904135129.L38122>