Home page logo

bugtraq logo Bugtraq mailing list archives

Corrections for "Using the Unused" and for "The DF Playground"
From: Ofir Arkin <ofir () ITCON-LTD COM>
Date: Wed, 13 Sep 2000 08:50:57 -0000

Apparently I had a mistake in my postings regarding OpenBSD.

As it turn out, OpenBSD DOES not set the DF on the replies and
DOES not echo the Reserved bit.

What this means is Solaris is the ONLY operating system to set
the DF bit on ICMP Query replies enabling us to identify it exclusively.

And Solaris and HPUX 11.0 are the ONLY operating systems to Echo
back the Reserved Bit.

Since Solaris sets the DF bit as well we can distinguish between
Sun Solaris Machines and HPUX 11.0 machines.

For all of you who wrote back to say that we can turn off replies
for various ICMP Queries with Solaris - PLEASE DO SO! This is the reason
for all this :)

I am sorry for the inconvenient and for the error.

Ofir Arkin  [ofir () itcon-ltd com]
Senior Security Analyst
Chief of Grey Hats
ITcon, Israel.

Personal Web page: http://www.sys-security.com

"Opinions expressed do not necessarily
represent the views of my employer."

  By Date           By Thread  

Current thread:
  • Corrections for "Using the Unused" and for "The DF Playground" Ofir Arkin (Sep 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]