From owner-freebsd-security@FreeBSD.ORG  Fri Mar 24 13:53:28 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CC6FC16A428;
	Fri, 24 Mar 2006 13:53:28 +0000 (UTC)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2BEBA43D46;
	Fri, 24 Mar 2006 13:53:26 +0000 (GMT)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231])
	by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k2ODrBB5098098; 
	Fri, 24 Mar 2006 15:53:11 +0200 (EET)
	(envelope-from dmitry@atlantis.dp.ua)
Date: Fri, 24 Mar 2006 15:53:11 +0200 (EET)
From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To: Ruslan Ermilov <ru@freebsd.org>
In-Reply-To: <20060324125628.GA63626@ip.net.ua>
Message-ID: <20060324154927.G71617@atlantis.atlantis.dp.ua>
References: <200603221611.k2MGBV21010114@freefall.freebsd.org>
	<20060323103739.X90993@atlantis.atlantis.dp.ua>
	<20060324125628.GA63626@ip.net.ua>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Mar 2006 13:53:28 -0000


Hello!

On Fri, 24 Mar 2006, Ruslan Ermilov wrote:
>>  This doesn't change sendmail's identification string - it's still "8.13.1"
>> on RELENG_4_11, which makes detection of unpatched systems more difficult
>> to sysadmin. Wouldn't be wise to add, say, "-p1" to this string in
---^^^^^^^^^^^

  I meant just this - to sysadmin, not to attackers.

>> version.c?
>>
> It depends on what you think about whether it's good or not
> that it's undetectable.  I prefer it to be not-detectable.

  So do I - that's why I removed version info from my settings for 
confSMTP_LOGIN_MSG long time ago ;)


Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE