[Moderator: Really neat post here. Going to add a few comments for everyone :) .. 'repsec' is running 2.0.34 with custom mods. 'caltech' .. I can see that. I know of several EDUs running old stuff like SunOS, Ultrix and the like. AOL runs "stratus" machines if I am not mistaken. I found info on them a while back on their web site (www.stratus.com?) and might be a neat addition to the database. Elsewise, these are dead on accurate as best as I know. VERY nice addition to the NMAP utility.]

From: Fyodor <fyodort_private>

For those who don't know, I am finishing a new version of my Nmap network exploration tool. This version does remote OS identification via TCP/IP fingerprinting (kind of like the awesome queso program, although nmap uses some more advanced techniques).

In any case, I did a mass scan of (mostly) security sites and I thought it might interest the list as well as shed some light into what operating systems are preferred by security companies and hackers (I don't claim it is a statistically valid sample -- I just picked sites off the top of my head):

# "Hacker" sites
www.l0pht.com         => OpenBSD 2.2 - 2.4
www.insecure.org      => Linux 2.0.31-34
www.rhino9.ml.org     => Windows 95/NT         # No comment :)
www.technotronic.com  => Linux 2.0.31-34
www.2600.com          => FreeBSD 2.2.6 - 3.0 Beta
www.kevinmitnick.com  => Linux 2.0.31-34       # Free Kevin!
www.antionline.com    => FreeBSD 2.2.6 - 3.0 Beta
www.rootshell.com     => Linux 2.0.35

# Security vendors, consultants, etc.
www.repsec.com        => Linux 2.0.35
www.iss.net           => Linux 2.0.31-34
www.checkpoint.com    => Solaris 2.5 - 2.51
www.infowar.com       => Win95/NT

# Vendor loyalty to their OS
www.li.org            => Linux 2.0.35          # Linux International
www.redhat.com        => Linux 2.0.31-34       # I wonder what distribution :)
www.debian.org        => Linux 2.0.35
www.linux.org         => Linux 2.1.122
www.sgi.com           => IRIX 6.2 - 6.4
www.netbsd.org        => NetBSD 1.3X
www.openbsd.org       => Solaris 2.6           # Ahem :)
www.freebsd.org       => FreeBSD 2.2.6-3.0 Beta

# Ivy league
www.harvard.edu       => Solaris 2.6
www.yale.edu          => Solaris 2.5 - 2.51
www.caltech.com       => SunOS 4.1.2-4.1.4     # Hello! This is the 90's :)
                                               # Might be a custom machine instead.
www.mit.edu           => Solaris 2.5 - 2.51    # Coincidence that the good
                                               # schools all seem to like Sun?

# Lamer sites
www.aol.com           => IRIX 6.2 - 6.4        # No wonder they are so insecure :)
www.happyhacker.org   => OpenBSD 2.2-2.4       # Sick of being owned, Carolyn?
                                               # Even the most secure OS is
                                               # useless in the hands of an
                                               # incompetent admin.

# Misc
www.lwn.net           => Linux 2.0.31-34       # This Linux news site rocks!
www.whitehouse.gov    => IRIX 5.3

Notes:

In their security white paper, Microsoft said about their lax security: "this assumption has changed over the years as Windows NT gains popularity largely because of its security features.". Hmm, from where I stand it doesn't look like Windows is very popular among the security community :). I only see 2 Windows boxes from the whole group, and Windows is _easy_ for nmap to distinguish since it is so broken (standards wise).

The version of nmap used for this will probably be released within 2 weeks - 2 months. If you really _must_ have the beta now, send me mail. The released version is at http://www.insecure.org/nmap/ .

If you run any of these boxes and I got the OS wrong, please send me mail.

Cheers,
Fyodor (fyodort_private)

--
Fyodor 'finger fyodort_private | pgp -fka'
"Girls are different from hacking. You can't just brute force them if all else fails."
--SKiMo, quoted in _Underground_ (good book)

-o-
Subscribe: mail majordomot_private with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]