Date: Mon, 15 Sep 2003 11:48:39 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Ray Seals <rseals@vdsi.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Securing the FreeBSD Console by removing OS Version Message-ID: <20030915184839.GC6885@rot13.obsecurity.org> In-Reply-To: <1063636531.287.2.camel@rsealslaptop.magellanhealth.com> References: <1063399454.293.5.camel@rsealslaptop.magellanhealth.com> <20030912223142.GC68304@happy-idiot-talk.infracaninophile.co.uk> <1063636531.287.2.camel@rsealslaptop.magellanhealth.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--JgQwtEuHJzHdouWu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Sep 15, 2003 at 09:35:31AM -0500, Ray Seals wrote: > It was the /etc/motd file. I had already edited the file but failed to > take out the top line. I was trying to make this harder than it really > was. You realise that if someone can log in to the system they can trivially discover the OS and OS version by querying the kernel? As a "security measure" this change has zero benefit. Kris --JgQwtEuHJzHdouWu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/ZgmGWry0BWjoQKURAvjMAKDix/9lwxgcS/NKC2v3V/aGO2fSCgCeOB/u NPu1u+GZblrM/fxnX1dc394= =IVgq -----END PGP SIGNATURE----- --JgQwtEuHJzHdouWu--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030915184839.GC6885>