Re: Hiding Versions

From: Eivind Eklund (eivind@thinksec.no)
Date: 07/09/01


Date: Mon, 9 Jul 2001 00:24:09 +0200
From: Eivind Eklund <eivind@thinksec.no>
To: Jason Bur*** <webmaster@yclan.net>

On Fri, Jul 06, 2001 at 05:01:03PM -0400, Jason Bur*** wrote:
> Hiding version strings is very pointless. The only use is to let admins be
> a tad bit more lazy in patching so s'kiddies, who only look for version
> strings for exploit purposes, will pass by the box. This doesn't stop
> someone with a clue, so it's a waste of time. Patch the box correctly, and
> you'll have fewer problems.

I agree that you should patch the box correctly. I do not agree that hiding
version numbers is useless. When you hide your version number, you make
it less likely that the exploit will work the first time - and if your
service is set up so the first attempt is all the attackers get (e.g.,
BIND exploits) then hiding the version number increases real security.
It also increases the likelihood of detection, as a wrong exploit is likely
to be tried first, and thus log an error.

Eivind.
