Bugtraq mailing list archives
Re: TCP Timestamping and Remotely gathering uptime information
From: Darren Reed <avalon () COOMBS ANU EDU AU>
Date: Fri, 16 Mar 2001 04:52:47 +1100
So when do we change things like "uname" such that they no longer report the system "identity" (OS, OS rev) to anyone but root ? Why do you think all timestamps should not reveal uptime information ? What do you think is at risk here ? Are script kiddies going to say "ooh, he's been up for 500 days and he's not linux, lets flood him to death" ? Or is there something more fundamental ? One potential use of uptime information to an attackers advantage is in attacking things which use the current time (seconds, microseconds, whatever) as a seed for some sort of thing when the start up at boot time. An server which has a week PRNG or similar might be at risk, where it otherwise would not, do you think ? Darren
Current thread:
- TCP Timestamping and Remotely gathering uptime information Bret (Mar 13)
- Re: TCP Timestamping and Remotely gathering uptime information Fyodor (Mar 14)
- <Possible follow-ups>
- Re: TCP Timestamping and Remotely gathering uptime information Bret (Mar 15)
- Re: TCP Timestamping and Remotely gathering uptime information Ted U (Mar 16)
- Re: TCP Timestamping and Remotely gathering uptime information Darren Reed (Mar 16)
- Re: TCP Timestamping and Remotely gathering uptime information Valdis Kletnieks (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Saint skullY the Dazed (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information arivanov (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Stephen White (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information bert hubert (Mar 20)
- Remote fingerprinting/uptime (was Re: TCP Timestamping ...) Darren Reed (Mar 20)
- Re: Remote fingerprinting/uptime (was Re: TCP Timestamping ...) Jason R Thorpe (Mar 22)
- Re: TCP Timestamping and Remotely gathering uptime information Chris Tobkin (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Ted U (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Matt Lewis (Mar 19)