Date: Wed, 21 Oct 1998 14:42:58 -0400 (EDT)
From: Fyodor <fyodor@dhp.com>
To: lwn@lwn.net
Subject: Security Community OS preferences

Here is an OS list I sent to ISN a few days ago. I have fixed a typo and
changed the comments slightly.

For those who don't know, I am finishing a new version of my Nmap network
exploration tool. This version does remote OS identification via TCP/IP
fingerprinting (kind of like the awesome queso program, although nmap
uses some more advanced techniques). In any case, I did a mass scan of
(mostly) security sites and I thought it might interest the list as well
as shed some light into what operating systems are preferred by security
companies and hackers (I don't claim it is a statistically valid sample --
I just picked sites off the top of my head):

# "Hacker" sites
www.l0pht.com => OpenBSD 2.2 - 2.4
www.insecure.org => Linux 2.0.31-34
www.rhino9.ml.org => Windows 95/NT # No comment :)
www.technotronic.com => Linux 2.0.31-34
www.2600.com => FreeBSD 2.2.6 - 3.0 Beta
www.kevinmitnick.com => Linux 2.0.31-34 # Free Kevin!
www.antionline.com => FreeBSD 2.2.6 - 3.0 Beta
www.rootshell.com => Linux 2.0.35
# Security vendors, consultants, etc.
www.repsec.com => Linux 2.0.35
www.iss.net => Linux 2.0.31-34
www.checkpoint.com => Solaris 2.5 - 2.51
www.infowar.com => Win95/NT
# Vendor loyalty to their OS
www.li.org => Linux 2.0.35 # Linux International
www.redhat.com => Linux 2.0.31-34 # I wonder what distribution :)
www.debian.org => Linux 2.0.35
www.linux.org => Linux 2.1.122 # Might be another 2.1.X version
www.sgi.com => IRIX 6.2 - 6.4
www.netbsd.org => NetBSD 1.3X
www.openbsd.org => Solaris 2.6 # Ahem :)
www.freebsd.org => FreeBSD 2.2.6-3.0 Beta
# Ivy league
www.harvard.edu => Solaris 2.6
www.yale.edu => Solaris 2.5 - 2.51
www.caltech.edu => SunOS 4.1.2-4.1.4 # Hello! This is the 90's :)
www.mit.edu => Solaris 2.5 - 2.51 # Coincidence that the good
# schools all seem to like Sun?
# perhaps it is the 40% .edu
# discount.
# Lamer sites
www.aol.com => IRIX 6.2 - 6.4 # No wonder they are so insecure :)
www.happyhacker.org => OpenBSD 2.2-2.4 # Sick of being owned, Carolyn?
# Misc
www.lwn.net => Linux 2.0.31-34 # This Linux news site rocks!
www.whitehouse.gov => IRIX 5.3

Notes: In their security white paper, Microsoft said about their
reputation for poor security: "this assumption has changed over the years
as Windows NT gains popularity largely because of its security features.".
Hmm, from where I stand it doesn't look like Windows is very popular among
the security community :). I only see 2 Windows boxes from the whole
group, and Windows is _easy_ for nmap to distinguish since it is so broken
(standards wise).

The version of nmap used for this will probably be released within 2 weeks
- 2 months. The released version is at http://www.insecure.org/nmap/ (does
not include OS fingerprinting). If you run any of these boxes and I got
the OS wrong, please send me mail so I can tune nmap better.

Cheers,
Fyodor (fyodor@dhp.com, www.insecure.org)
--
Fyodor 'finger fyodor@dhp.com | pgp -fka'
"Girls are different from hacking. You can't just brute force them if all
else fails." --SKiMo, quoted in _Underground_ (good book)