I've just run NMAP(Win) against a server with grsec 1.9.9e and it manages to work out the uptime. Apparently it does this by looking at the TCP timestamp.
I don't really see how a remote attacker could exploit that information, but I was wondering if grsec could have some feature to prevent this.
Perhaps setting the timestamp to a random value at boot time?
It also correctly guessed the OS as "linux 2.4.0 - 2.5.20" - whereas it was unable to guess on a similar server with grsec 1.9.7d. Has something changed or have I misconfigured it?
Phil Skuse.
NMAP correctly guesses uptime
2 posts
• Page 1 of 1
NMAP correctly guesses uptime
by PhilSkuse » Wed Apr 09, 2003 10:07 am
- PhilSkuse
- Posts: 9
- Joined: Thu Nov 07, 2002 5:53 am
2 posts
• Page 1 of 1