Re: Does a security scanning program needs to know the OS's of the machines being scanned?
From: Lassi Hippeläinen (lahippel_at_ieee.orgies.invalid)
Date: 05/25/04
- Next message: Martin C: "Re: What is the best affordable protection?"
- Previous message: privacy.at Anonymous Remailer: "Re: question on tls"
- In reply to: Ricardo: "Does a security scanning program needs to know the OS's of the machines being scanned?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 May 2004 09:10:04 GMT
Ricardo wrote:
>
> Does a security scanning program needs to know the operating systems
> of the machines being scanned? In other words, does the security
> scanning program perform different security tests depending on the
> operating system of the machine being scanned?
Yes. Actually, one of the first things a scanner does is to figure out
the OS. Most of them leak the information in plain text in plain text,
including version number and distribution source. Otherwise you can test
specific features, e.g. how it handles TCP errors (number of
retransmits, their timing, etc.).
-- Lassi
- Next message: Martin C: "Re: What is the best affordable protection?"
- Previous message: privacy.at Anonymous Remailer: "Re: question on tls"
- In reply to: Ricardo: "Does a security scanning program needs to know the OS's of the machines being scanned?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
