[Info-vax] Here it is, the VMS/CSWS/php Security Contest 2012
Johnny Billquist
bqt at softjar.se
Thu May 3 17:40:26 EDT 2012
On 2012-05-03 22.41, presnypreklad at gmail.com wrote:
> I'm curious. If you connect a VMS box to the Internet and turn on TCP/IP services like ftp, telnet,
> and finger, it's trivial to determine that the box is running VMS, right?
Actually, using some heuristics, it is possible to determine the OS no
matter what your server tries to pretend to be.
Look at nmap documentation for more information, but basically, you can
look at things like the initial sequence number chosen for connections,
timing, options used, and other stuff to pretty much identify which OS
the machine is running no matter what services they have up, and which
way they behave. You don't even need to speak to the services, just
initiate connections.
Johnny
More information about the Info-vax
mailing list