So when do we change things like "uname" such that they no longer report the system "identity" (OS, OS rev) to anyone but root ? Why do you think all timestamps should not reveal uptime information ? What do you think is at risk here ? Are script kiddies going to say "ooh, he's been up for 500 days and he's not linux, lets flood him to death" ? Or is there something more fundamental ? One potential use of uptime information to an attackers advantage is in attacking things which use the current time (seconds, microseconds, whatever) as a seed for some sort of thing when the start up at boot time. An server which has a week PRNG or similar might be at risk, where it otherwise would not, do you think ? Darren
- TCP Timestamping and Remotely gathering uptime info... Bret
- Re: TCP Timestamping and Remotely gathering up... Fyodor
- Re: TCP Timestamping and Remotely gathering up... Bret
- Re: TCP Timestamping and Remotely gatherin... Ted U
- Re: TCP Timestamping and Remotely gatherin... Darren Reed
- Re: TCP Timestamping and Remotely gath... Valdis Kletnieks
- Re: TCP Timestamping and Remotely gath... arivanov
- Re: TCP Timestamping and Remotely gath... Saint skullY the Dazed
- Re: TCP Timestamping and Remotely gatherin... Stephen White
- Re: TCP Timestamping and Remotely gath... bert hubert
- Remote fingerprinting/uptime (was Re: ... Darren Reed
- Re: Remote fingerprinting/uptime (... Jason R Thorpe
- Re: TCP Timestamping and Remotely gathering up... Chris Tobkin
- Re: TCP Timestamping and Remotely gathering up... Ted U
- Re: TCP Timestamping and Remotely gathering up... Matt Lewis
