Quote:
Originally Posted by daemonfowl
security through obscurity in certain ways is an obligation .. not for fear of being attacked but of being *noticed* then *identified*...

The problem is that you/me/anyone is never going to know what the bad guys are doing to identify your/my/our systems. Nmap doesn't employ the only heuristics available, & the bad guys aren't going to advertise what methods they use. Ultimately, knowledge of fingerprinting techniques isn't necessarily the right topic to focus upon when it comes to securing systems exposed to the Internet.
What you will find the OpenBSD project developers advocating is understanding what packets are going through your firewall, & tightening the rules such that only the traffic you want gets through in either direction.
Focusing on firewall rules offers more tangible results. Trying to out-smart the ever-evolving murky heuristics used by the bad guys who will never divulge what they are doing will only put you/me/anyone into a constant game of cats chasing mice. And the bad guys aren't going to stand still -- at least not the really good ones.
While I will grant you that fingerprinting is a curious subject, & there are a number of books which chronicle publicized exploits, understanding fingerprinting at a deeper level also will take significant time, research, sophistication, & experience.
Quote:
you mean nmap's or the kernel's code ?

Nmap, as your question was initially on how fingerprinting is done.
Quote:
then a total mastery of c/lua/ is involved here .. :-)

At minimum, C. Yet if this is a goal that you really want to pursue, I would rate it at the senior undergraduate level if you want a ballpark guess as to complexity.
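
Added example, not part of the original post: a minimal pf.conf sketch of the approach recommended above, with default deny in both directions, logging of dropped packets, and explicit passes only for wanted traffic. The interface name (em0) and the service lists are assumptions to adapt to the host.

```conf
# /etc/pf.conf -- constructed example; em0 and the service lists are assumptions

ext_if  = "em0"
tcp_in  = "{ ssh }"                       # services this host offers
tcp_out = "{ ssh, domain, www, https }"   # services this host may reach
udp_out = "{ domain, ntp }"

set block-policy drop      # drop silently rather than answer with RST/ICMP
set skip on lo             # do not filter loopback traffic

# Default deny in BOTH directions. Everything blocked is logged to pflog0,
# which is how you learn what is actually hitting the firewall.
block log all

# Inbound: only the services listed above, only addressed to this interface.
pass in on $ext_if inet proto tcp to ($ext_if) port $tcp_in

# Outbound: only the protocols and ports listed above.
pass out on $ext_if inet proto tcp to port $tcp_out
pass out on $ext_if inet proto udp to port $udp_out
pass out on $ext_if inet proto icmp icmp-type echoreq

# Check syntax without loading:  pfctl -nf /etc/pf.conf
# Load the ruleset:              pfctl -f /etc/pf.conf
# Watch blocked packets live:    tcpdump -n -e -ttt -i pflog0
```

Reviewing the pflog0 output over time shows which rules can be tightened further and whether any wanted traffic is being dropped.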