Date: Wed, 6 Oct 1999 11:48:46 -0700 (PDT) From: Doug White <dwhite@resnet.uoregon.edu> To: Kenneth Culver <culverk@culverk.student.umd.edu> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: nmap Message-ID: <Pine.BSF.4.10.9910061122270.1747-100000@resnet.uoregon.edu> In-Reply-To: <Pine.BSF.4.10.9910052233060.386-100000@culverk.student.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 5 Oct 1999, Kenneth Culver wrote: > I was just wondering, it seems that (at least nmap thinks so) that > freebsd's security is not as good as linux. here is an nmap output from a > linux box on the local LAN (using nmap -sF -O hostname): Based on the number of ports located, I would give the opposite analysis. If you're using this metric: > TCP Sequence Prediction: Class=random positive increments > Difficulty=1865858 (Good luck!) Versus: > TCP Sequence Prediction: Class=random positive increments > Difficulty=31411 (Worthy challenge) It's entirely bogus. Differences in the random numbers generated affect the difficulty greatly. The algorithm used is more interesting. Try running this against an OpenBSD box. > Remote operating system guess: Linux 2.1.122 - 2.2.12 These strings are hardcoded into the app, so no wonder it doesn't differentiate between 3.X and 4.X boxen; they should come up with the same identity anyway. Lesson: Don't depend on the output of one simple app for an entire security analysis. It's only one tool. Doug White | FreeBSD: The Power to Serve dwhite@resnet.uoregon.edu | www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9910061122270.1747-100000>