Bugtraq mailing list archives
Re: TCP Timestamping and Remotely gathering uptime information
From: Stephen White <swhite () OX COMPSOC NET>
Date: Sat, 17 Mar 2001 00:31:22 +0000
On Wed, Mar, 2001, Bret wrote:
either by creating a new 'timestamp clock' for each TCP session (that uses timestamps)
You can't do this .. it breaks the use of such timestamps for things like TCP Sequence number wrap-around protection on fast networks (gigabit).
or by starting the timestamp clock off with some random number.
I don't think this breaks any rules or functionality and shouldn't even hit performance. A series of observations would still enable you to obtain uptime information, since the readings would be linear until a reboot. If you sampled timestamps from a machine periodically you could work out it's probably uptime to within the length of that period. Obviously you're readings would be meaningless until you witness a reboot, but beyond that point you should still be able to tell. There is a slight issue over whether you actually care that people know your system uptime. -- Stephen White \ OU Compsoc System Administration Team PGP Key ID: 0xC79E5B6A \ System Administration Co-ordinator <swhite () ox compsoc net> \ http://ox.compsoc.net/~swhite/
Current thread:
- TCP Timestamping and Remotely gathering uptime information Bret (Mar 13)
- Re: TCP Timestamping and Remotely gathering uptime information Fyodor (Mar 14)
- <Possible follow-ups>
- Re: TCP Timestamping and Remotely gathering uptime information Bret (Mar 15)
- Re: TCP Timestamping and Remotely gathering uptime information Ted U (Mar 16)
- Re: TCP Timestamping and Remotely gathering uptime information Darren Reed (Mar 16)
- Re: TCP Timestamping and Remotely gathering uptime information Valdis Kletnieks (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Saint skullY the Dazed (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information arivanov (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Stephen White (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information bert hubert (Mar 20)
- Remote fingerprinting/uptime (was Re: TCP Timestamping ...) Darren Reed (Mar 20)
- Re: Remote fingerprinting/uptime (was Re: TCP Timestamping ...) Jason R Thorpe (Mar 22)
- Re: TCP Timestamping and Remotely gathering uptime information Chris Tobkin (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Ted U (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Matt Lewis (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information Theo de Raadt (Mar 20)
- Re: TCP Timestamping and Remotely gathering uptime information Darren Reed (Mar 19)
- Re: TCP Timestamping and Remotely gathering uptime information van der Kooij, Hugo (Mar 20)