From owner-freebsd-security  Sun Sep 12 12:45:16 1999
Delivered-To: freebsd-security@freebsd.org
Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5C6A9153D6; Sun, 12 Sep 1999 12:44:38 -0700 (PDT)
	(envelope-from ben@scientia.demon.co.uk)
Received: from lithium.scientia.demon.co.uk ([192.168.0.3] ident=exim)
	by scientia.demon.co.uk with esmtp (Exim 3.032 #1)
	id 11QBt3-000FmH-00; Sun, 12 Sep 1999 16:49:53 +0100
Received: (from ben) by lithium.scientia.demon.co.uk (Exim 3.032 #1)
	id 11QBt2-000BQo-00; Sun, 12 Sep 1999 16:49:52 +0100
Date: Sun, 12 Sep 1999 16:49:52 +0100
From: Ben Smithurst <ben@scientia.demon.co.uk>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: How to prevent motd including os info
Message-ID: <19990912164952.A43885@lithium.scientia.demon.co.uk>
References: <4.2.0.58.19990911151659.00aa8d60@ns1.digicomsystems.net> <19990912012524.B41509@lithium.scientia.demon.co.uk> <xzpn1usmka2.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.6i
In-Reply-To: <xzpn1usmka2.fsf@flood.ping.uio.no>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Dag-Erling Smorgrav wrote:

> Ben Smithurst <ben@scientia.demon.co.uk> writes:
>
>> Note that people can still use nmap or something to guess at your OS.
>
> # ipfw add 1 deny tcp from any to any in tcpflags syn,fin
>
> No they can't.

Thanks, I didn't know about that. I'll try to remember it though.

-- 
Ben Smithurst            | PGP: 0x99392F7D
ben@scientia.demon.co.uk |   key available from keyservers and
                         |   ben+pgp@scientia.demon.co.uk


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message