From owner-freebsd-security  Mon Jul  9  1: 9: 0 2001
Delivered-To: freebsd-security@freebsd.org
Received: from gate.ldn.swissbank.com (gate.ldn.ubswarburg.com [193.82.179.18])
	by hub.freebsd.org (Postfix) with ESMTP id F2E9437B40B
	for <freebsd-security@FreeBSD.ORG>; Mon,  9 Jul 2001 01:08:54 -0700 (PDT)
	(envelope-from Khalil.Haddad@ubs.com)
Received: (from smap@localhost)
	by gate.ldn.swissbank.com (8.8.8/8.8.8) id JAA18584
	for <freebsd-security@FreeBSD.ORG>; Mon, 9 Jul 2001 09:07:43 +0100 (BST)
From: Khalil.Haddad@ubs.com
Received: from <Khalil.Haddad@ubs.com> (eight.ubswarburg.com [192.168.0.3]) by gate via smap (V2.0)
	id xma018540; Mon, 9 Jul 2001 09:07:31 +0100
Received: from ln4p1013pos.ldn.swissbank.com (virscan1 [192.168.0.3])
	by virscan1.swissbank.com (8.8.8/8.8.8) with ESMTP id IAA24367
	for <freebsd-security@FreeBSD.ORG>; Mon, 9 Jul 2001 08:05:11 GMT
Received: from ln4p1528.ldn.swissbank.com (ln4p1528.ldn.swissbank.com [172.16.232.54])
	by ln4p1013pos.ldn.swissbank.com (8.8.8/8.8.8) with ESMTP id JAA02793
	for <freebsd-security@FreeBSD.ORG>; Mon, 9 Jul 2001 09:07:29 +0100 (BST)
Received: from ps3p84.par.swissbank.com (ps3p84.par.swissbank.com [155.145.25.41])
	by ln4p1528.ldn.swissbank.com (8.8.6 (PHNE_14041)/8.8.6/WDR gamma evision: 1.4 $) with ESMTP id JAA14929
	for <freebsd-security@FreeBSD.ORG>; Mon, 9 Jul 2001 09:07:28 +0100 (BST)
Received: from localhost (root@localhost)
	by ps3p84.par.swissbank.com (8.8.6 (PHNE_14041)/8.8.6/WDR gamma evision: 1.4 $) with ESMTP id KAA03578
	for <freebsd-security@FreeBSD.ORG>; Mon, 9 Jul 2001 10:07:27 +0200 (METDST)
X-OpenMail-Hops: 1
Date: Mon, 9 Jul 2001 10:07:26 +0200
Message-Id: <H0000152004e9531.0994666045.ps3p84.par.swissbank.com@MHS>
Subject: RE: Re: Hiding Versions
MIME-Version: 1.0
To: freebsd-security@FreeBSD.ORG
Content-Type: text/plain; charset=US-ASCII
Content-Disposition: inline; filename="BDY.TXT"
	;Creation-Date="Mon, 9 Jul 2001 10:07:26 +0200"
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

thx all for your answers.

I read in the apache docs that the ServerTokens could do the trick 
(hiding apache version) for example i often see : Apache v1.3.x the x 
hiding the version.

Unfortunately, i could make this to work, it always outputs the same 
string.
Anyone has a successful experience ?

Thank you

Khalil

-----Original Message-----
From: roam [mailto:roam@orbitel.bg]
Sent: 06 July 2001 17:15
To: Haddad, Khalil
Cc: roam; freebsd-security
Subject: Re: Hiding Versions


On Fri, Jul 06, 2001 at 05:02:17PM +0200, Khalil.Haddad@ubs.com wrote:
> Hello all,
> 
> After visiting this web site : www.netcraft.com, I discovered that it 
> is possible to trace version changes of OS, apache or php.
> 
> Example :
> FreeBSD  Apache/1.3.9 (Unix) mod_perl/1.20  4-Dec-2000  195.92.95.5   
> Netcraft   
> unknown  Apache/1.3.9 (Unix) mod_perl/1.20  3-Dec-2000  195.92.95.5   
> Netcraft   
> FreeBSD  Apache/1.3.9 (Unix) mod_perl/1.20  19-Nov-2000  195.92.95.5  
 
> Planet Online   
> unknown  Apache/1.3.9 (Unix) mod_perl/1.20  18-Nov-2000  195.92.95.5  
 
> Planet Online   
> FreeBSD  Apache/1.3.9 (Unix) mod_perl/1.20  14-Nov-2000  195.92.95.5  
 
> Planet Online   
> FreeBSD  Apache/1.3.9 (Unix) mod_perl/1.20  15-Sep-1999  
195.188.192.5  
>  Netcraft Ltd   
> FreeBSD  Apache/1.3.6 (Unix) mod_perl/1.20  2-Jul-1999  195.188.192.5 
  
> Netcraft Ltd   
> FreeBSD  Apache/1.3.6 (Unix) mod_perl/1.18  9-Jun-1999  195.188.192.5 
  
> Netcraft Ltd   
> FreeBSD  Apache/1.3.4 (Unix) mod_perl/1.18  26-May-1999  
195.188.192.5  
>  Netcraft Ltd  
> 
> I wanted to know how this was possible, if FreeBSD stores version 
> history somewhere. What should I do to secure this and how, because 
> knowing that anyone can get the history of version changes on your 
> system doesn't make you fell secure...

They can only track history in the sense of storing information obtained
by somebody performing a query on the given date.  This list just means
that somebody has done those queries on May 26, 1999, June 9, 1999 etc,
and the Netcraft database has stored the results.

If nobody has been interested in *your* server, Netcraft would not
have any information stored about it.  It is the Netcraft database,
not your OS, that keeps history.

> By the way, the output for my server gives me Apache/1.3.19 but i 
have 
> upgraded to 1.3.20 recently, why hasn't this been taken in 
> consideration? (i used ports to upgrade)

Maybe no one has performed a Netcraft query for your server since
you upgraded.

G'luck,
Peter

-- 
I am the meaning of this sentence.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message