From owner-freebsd-security Fri Jul 6 11: 7:49 2001 Delivered-To: freebsd-security@freebsd.org Received: from globalrelay.com (h216-18-71-77.gtcust.grouptelecom.net [216.18.71.77]) by hub.freebsd.org (Postfix) with ESMTP id 5426E37B403 for ; Fri, 6 Jul 2001 11:07:36 -0700 (PDT) (envelope-from lists@globalrelay.net) Received: from [10.2.0.6] (HELO hpvl4002) by globalrelay.com (CommuniGate Pro SMTP 3.4.7) with SMTP id 550038; Fri, 06 Jul 2001 11:07:35 -0700 Message-ID: <01e401c10646$9305e900$0600020a@frontend> From: "Eric Parusel" To: , "aphex" References: <20010706175344.E400937B403@hub.freebsd.org> Subject: Re: Hiding Versions Date: Fri, 6 Jul 2001 11:07:52 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > 7/07/2001 1:14:35 AM, Peter Pentchev wrote: > > >On Fri, Jul 06, 2001 at 05:02:17PM +0200, Khalil.Haddad@ubs.com wrote: > >> Hello all, > >> > >> After visiting this web site : www.netcraft.com, I discovered that it > >> is possible to trace version changes of OS, apache or php. > [snip] > >> By the way, the output for my server gives me Apache/1.3.19 but i have > >> upgraded to 1.3.20 recently, why hasn't this been taken in > >> consideration? (i used ports to upgrade) > > > >Maybe no one has performed a Netcraft query for your server since > >you upgraded. > > > >G'luck, > >Peter > > I've been able to fool netcraft.com into saying I run a different webserver, but am still unable to hide the fact that I'm running freebsd. > Would you happen to know how they get this information? no banners on any services display the fact that im running freebsd so I'm guessing > its got to do with tcp/ip fingerprints. Anyway at all to hide this? > > Regards, > > --> aphex I'm behind a firewall system, and netcraft.com reports my OS as Unknown... With only port 80 and 443 open to the outside, it probably doesn't have enough info to figure out what OS I'm running. Try firewalling, it's a good idea anyways :) Now how did you fool netcraft.com into saying that you run a different webserver? Later, Eric To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message