|
Nmap Hackers
mailing list archives
Re: hiding uptime
From: Matt Bing <matt () anzen com>
Date: Fri, 16 Mar 2001 09:51:00 -0500
Ted U said:
here's patch i submitted to bugtraq. it modifies openbsd 2.8/7 so that
the timestamp starts at zero for each connection. nmap (or other
methods) will think you have an uptime of 53 ms or something. nmap
doesn't report anything.
Something similar was just commited to -current:
/src/sys/netinet/tcp_subr.c
revision 1.40
date: 2001/03/14 19:21:33; author: mickey; state: Exp; lines: +2 -1
provide a random start for tcp timestamps; niels@ ok
$ sudo nmap -O -sS -p 22-25 karloff
[snip]
Uptime 7792.580 days (since Wed Nov 14 19:48:34 1979)
$ uptime
9:44AM up 6 mins, 4 users, load averages: 0.16, 0.30, 0.17
--
Matt Bing
Anzen Computing
--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
 By Date 
By Thread
Current thread:
- hiding uptime Ted U (Mar 15)
- <Possible follow-ups>
- Re: hiding uptime Matt Bing (Mar 16)
| 
Intro
