Nmap Announce mailing list archives
Corrections for "Using the Unused" and for "The DF Playground"
From: "Ofir Arkin" <ofir () itcon-ltd com>
Date: Wed, 13 Sep 2000 08:51:00 -0000
Apparently I had a mistake in my postings regarding OpenBSD. As it turn out, OpenBSD DOES not set the DF on the replies and DOES not echo the Reserved bit. What this means is Solaris is the ONLY operating system to set the DF bit on ICMP Query replies enabling us to identify it exclusively. And Solaris and HPUX 11.0 are the ONLY operating systems to Echo back the Reserved Bit. Since Solaris sets the DF bit as well we can distinguish between Sun Solaris Machines and HPUX 11.0 machines. For all of you who wrote back to say that we can turn off replies for various ICMP Queries with Solaris - PLEASE DO SO! This is the reason for all this :) I am sorry for the inconvenient and for the error. Ofir Arkin [ofir () itcon-ltd com] Senior Security Analyst Chief of Grey Hats ITcon, Israel. http://www.itcon-ltd.com Personal Web page: http://www.sys-security.com "Opinions expressed do not necessarily represent the views of my employer." -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- Corrections for "Using the Unused" and for "The DF Playground" Ofir Arkin (Sep 13)
- Re: Corrections for "Using the Unused" and for "The DF Playground" Kevin Steves (Sep 13)
- Re: Corrections for "Using the Unused" and for "The DF Playground" Ralf Hildebrandt (Sep 15)
- Re: Corrections for "Using the Unused" and for "The DF Playground" Kevin Steves (Sep 13)