Re: Nmap fingerprinting

["Victor" <victord@paid.com>]

> Without getting confused by rhetoric, the less information available, the
> harder an attack will be. You may feel secure right now, but if there is
> another remote root hole discovered then people will look around for OBSD
> boxes to exploit. If your box can't be identified then it may be skipped.

Actually, by similar logic, if someone knows you're running OBSD, they might
just "Aaah, don't want to mess with it", but if someone has gone through the
pains of hiding the OS, it might be amusing for someone to stick around and
try things just to play around and find out what's running.  The next thing
they'll check will be your DNS server or apache or god know what else. So
just tell them it's openbsd. Actually, I ran nmap -O -sS on my openbsd box
and without filtering a whole lot it still didn't ID it as OpenBSD. It even
reported packet randomness as 999999 (truly random it said).