|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: About web server version
From: ystar m (ystar.m
laposte.net)
Date: Mon Apr 28 2003 - 04:40:45 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In-Reply-To: <001501c30c3e$a5f21fc0$1500020a@bigdog>
>You will need to modify the source code. Unfortunately
that won't really
>fool anyone. Error messages, header formats/etc all
provide plenty of
>information. Check out Rain.Forest.Puppy's
presentation on this and his
>whisker tool available at wiretrip.net.
>
>
>In any event it doesn't matter, most "generic" web
attacks I have seen are
>not targeted, they simply take a shotgun approach, or
if it's a worm it just
>blasts out at everyone. Much better to spend the time
and effort keeping
>Apache up to date.
>
>
>Kurt Seifried, kurt@seifried.org
>A15B BEE5 B391 B9AD B0EF
>AEB0 AD63 0B4E AD56 E574
>http://seifried.org/security/
What you said is true but the problem that we use an
rpm version for apache.
Eliminating this information (apache version) for
avoiding target attacks that can be done on a
vulnerable version when the administrator has not
discover this vulnerability, so this eliminates some
cases or kinds of skilled attackers
Thanks for informations that you have provided
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]