From: Eivind Eklund (eivindthinksec.no)
Date: Sun Jul 08 2001 - 17:24:09 CDT

    On Fri, Jul 06, 2001 at 05:01:03PM -0400, Jason Burdick wrote:
    > Hiding version strings is very pointless. The only use is to let admins be
    > a tad bit more lazy in patching so s'kiddies, who only look for version
    > strings for exploit purposes, will pass by the box. This doesn't stop
    > someone with a clue, so it's a waste of time. Patch the box correctly, and
    > you'll have less problems.

    I agree that you should patch the box correctly. I do not agree that hiding
    version numbers is useless. When you hide your version number, you make
    it less likely that the exploit will work the first time - and if your
    service is set up so the first attempt is all the attackers get (e.g.,
    BIND exploits) then hiding the version number increases real security.
    It also increases the likelihood of detection, as a wrong exploit is likely
    to be tried first, and thus log an error.

    Eivind.

    To Unsubscribe: send mail to majordomoFreeBSD.org
    with "unsubscribe freebsd-security" in the body of the message