> If we run nmap ( or whatever the name du jour is ) we > see : > > Warning: OS detection will be MUCH less reliable > because we did not find at > least 1 open and 1 closed TCP port > Interesting ports on xxx.xxx.xxx.xxx: > (The 1667 ports scanned but not shown below are in > state: filtered) > PORT STATE SERVICE > 123/tcp open ntp ... > That is what a typical Solaris server looks like. > Like a damned slammed > hut door into which nothing enters unless you allow > it. > > So ... what do you do ?
There is a ton of information from that Nmap scan. First, an attacker will now know which operating system you're running, considerably narrowing the focus. Second, there is NTP listening, or at least it appears to be. So the next thing to do is go look at the NTP server code carefully, and see if there are any ways to crash that NTP server by feeding it garbage. Another attack vector is the TCP/IP stack. That Solaris fingerprint is just a killer, because that narrows it down considerably. That's where I'd start, at least. My point is, don't believe you're safe just because there is only one port open. "You never know where evil will strike." That was my original point I was trying to impart upon you. This message posted from opensolaris.org _______________________________________________ opensolaris-discuss mailing list [email protected]
