Re: preventing OS fingerprint

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: preventing OS fingerprint

Damien Miller
On Thu, 3 Nov 2005, Gustavo Rios wrote:

> Dear gentleman,
>
> i have an obsd firewall and would like to prevent external entities
> discovering that firewall is openbsd, is that possible?

why care? fingerprinting is such a non-issue, and spending effort to avoid
it is just security through obscurity.

Reply | Threaded
Open this post in threaded view
|

Re: preventing OS fingerprint

Shane J Pearson
Hi Damien,

On 04/11/2005, at 9:56 AM, Damien Miller wrote:

> why care? fingerprinting is such a non-issue, and spending effort  
> to avoid it is just security through obscurity.

Ignoring whether blocking NMAP scans is effective or not...

I agree that it is not good to rely on obscurity. But I don't see
anything wrong with obscuring a detail which people don't need to know.

What do you have to gain and what do you have to loose from holding
that info back? And what do you have to gain and what do you have to
loose from advertising it?

If someone wants to know what you are running, to ease their attack.
Then why not make it a little harder for them? That extra time could
help you or a process detect the random attacks and work against the
attacker.

Not that there is much likelihood of a patched OpenBSD getting rooted
though. Conversely, I guess advertising OpenBSD could make them go away.
; )


Shane J Pearson