Nmap Announce mailing list archives
Re: hiding uptime
From: Matt Bing <matt () anzen com>
Date: Fri, 16 Mar 2001 09:51:00 -0500
Ted U said:
here's patch i submitted to bugtraq. it modifies openbsd 2.8/7 so that the timestamp starts at zero for each connection. nmap (or other methods) will think you have an uptime of 53 ms or something. nmap doesn't report anything.
Something similar was just commited to -current: /src/sys/netinet/tcp_subr.c revision 1.40 date: 2001/03/14 19:21:33; author: mickey; state: Exp; lines: +2 -1 provide a random start for tcp timestamps; niels@ ok $ sudo nmap -O -sS -p 22-25 karloff [snip] Uptime 7792.580 days (since Wed Nov 14 19:48:34 1979) $ uptime 9:44AM up 6 mins, 4 users, load averages: 0.16, 0.30, 0.17 -- Matt Bing Anzen Computing -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- hiding uptime Ted U (Mar 15)
- <Possible follow-ups>
- Re: hiding uptime Matt Bing (Mar 16)