Date: Thu, 19 Jul 2001 20:07:53 -0700 From: Kris Kennaway <kris@obsecurity.org> To: teo@gecadsoftware.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: netcraft uptime Message-ID: <20010719200752.A77759@xor.obsecurity.org> In-Reply-To: <20010720001820.A585@gecadsoftware.com>; from teo@gecadsoftware.com on Fri, Jul 20, 2001 at 12:18:20AM %2B0300 References: <01071912454000.51519@galaxy.anchoragerescue.org> <20010720001820.A585@gecadsoftware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 20, 2001 at 12:18:20AM +0300, teo@gecadsoftware.com wrote: > Hi Beech! > On Thu, 19 Jul 2001, Beech Rintoul wrote: >=20 > > I was looking at netcraft's site today and noticed that uptime doesn't = work=20 > > with FBSD servers. Anyboy have any info on this? Like how they do it an= d can=20 > > my server be configured to show it? > >=20 > [wild guess] >=20 > AFAIK the uptime is guessed using actually a flaw in TCP/IP; I saw that f= irst > time implemented in nmap, and I guess you cannot do it w/ FreeBSD Well, it's not a flaw per se, i.e. it's in conformance with the relevant RFC (1323), but it's arguably an undesirable feature anyway (information leaks about exact system uptime not good for security, mmkay?). When I get enough free time I'll be making a sysctl to disable the information leak while still letting you enable RFC 1323 extensions (which are back on by default again thesedays). Kris --AhhlLboLdkugWU4S Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7V6CHWry0BWjoQKURAgMhAJ4uetvdkPZ3uPsl45KQE69cRjnYigCgmw58 x0UWVMGVDgCMP5VRHi7FDks= =OqmW -----END PGP SIGNATURE----- --AhhlLboLdkugWU4S-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010719200752.A77759>