N. Pari Purna Chand wrote:
>=20
> I for one completely agree with davidie,
>=20
> Read up Remote OS detection via TCP/IP Stack FingerPrinting
> by Fyodor <[EMAIL PROTECTED]>. Fyodor
> has done an excellent analysis of various techniques for=20
> identifying the
> remote OS. You can find it at:
> http://www.insecure.org/nmap/nmap-fingerprinting-article.txt
> And that doesnot require anyother tool than nmap.
> So changing a benner is not really going to help anyone.
>=20
As I wrote in an earlier posting you can also fool nmap os =
fingerprinting. This can be done by a firewall or by =
configuring/patching your os.=20
Read more about it here:
http://ippersonality.sourceforge.net/
http://packetstorm.linuxsecurity.com/UNIX/patches/nmap-freak-freebsd4.4-p=
atch
At least my systems don't yell out the correct results. But a hacker can =
still figure stuff out if he/she wants. It's just not as obvious to the =
average script kiddie which are the ones performing most breakins today.
> If anyone is so paranoid about exploits in olderversions
> I bet they'll prefer updating to latest patch/stable-version
> than hiding/altering smtp banners.
Sure. Keeping the system updated is very important. But we don't know =
when an unpublished exploit is exchanging hands in the computer =
undergound. You never know if you're the random target of a new exploit. =
It has happened before and it will happen again.
Lars
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]
