Doing something with OS fingerprint?

Stuart Henderson stu at spacehopper.org
Mon Feb 22 00:22:24 AEDT 2021


On 2021/02/21 06:37, Stef Bon wrote:
> Hi,
> 
> in the iptables subsystem of Linux it's possible to get the
> fingerprint of the peer OS.
> See:
> 
> man iptables-extensions
> under osf
> 
> If this information is available it's possible to adjust behaviour (a
> little) to meet the peer's flaws and maybe bugs. Have you ever thought
> about that?
> 
> Stef
> the Netherlands
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

If you want to make use of this information, you can redirect to different
ports depending on the OS type, and run multiple sshd instances with
different configuration. I can't really think of anything you might want
to do with it though (other than outright blocking access from unwanted
/ unexpected OS)..


More information about the openssh-unix-dev mailing list