From owner-freebsd-hackers Mon Aug 23 2:11:13 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id DDE8F1561F for ; Mon, 23 Aug 1999 02:10:47 -0700 (PDT) (envelope-from geoff@rucus.ru.ac.za) Received: (qmail 94849 invoked by uid 268); 23 Aug 1999 09:09:06 -0000 Message-ID: <19990823090906.94848.qmail@rucus.ru.ac.za> Subject: Re: setting up -STABLE for hack contest In-Reply-To: <37BDA6E7.1B8F3BFB@ispro.net.tr> from Evren Yurtesen at "Aug 20, 1999 10:05:11 pm" To: yurtesen@ispro.net.tr (Evren Yurtesen) Date: Mon, 23 Aug 1999 11:09:06 +0200 (SAST) Cc: hackers@freebsd.org Reply-To: "Geoff Rehmet" From: "Geoff Rehmet" X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Evren Yurtesen writes : > it is possible to detect operating systems from their behaviours > of replying to packets. > > see the program queso from ports/packages. > > but anyway you can change the login prompt from /etc/gettytab file > Also have a look at ports/security/nmap, and go to www.insecure.org. In order to stop someone guessing your OS, you will need to make changes to your TCP implementation. These include, changing the way in which TCP initial sequence numbers are calculated, as well as changing behaviour of TCP wrt the handling of certain "unexpected" TCP segments on open or closed ports - e.g. what happens when someone sends a surprise FIN segment to a closed port. Geoff. -- Geoff Rehmet, The Internet Solution geoffr@is.co.za; geoff@rucus.ru.ac.za; csgr@freebsd.org tel: +27-83-292-5800 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message