From owner-freebsd-security Fri Jul 6 14: 3:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from euphoria.confusion.net (dementia.confusion.net [205.166.119.16]) by hub.freebsd.org (Postfix) with ESMTP id 900F537B405 for ; Fri, 6 Jul 2001 14:03:14 -0700 (PDT) (envelope-from stuyman@euphoria.confusion.net) Received: from localhost (localhost [127.0.0.1]) by euphoria.confusion.net (8.11.2/8.11.2) with SMTP id f66L1vZ07962; Fri, 6 Jul 2001 14:01:58 -0700 (PDT) Date: Fri, 6 Jul 2001 14:01:57 -0700 (PDT) From: Laurence Berland To: Jason Burdick Cc: security@FreeBSD.ORG Subject: Re: Hiding Versions In-Reply-To: <003801c1065e$c4724480$0c8e1581@yclan.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As much as it's not all that good in terms of security, changing version strings will keep the kiddies from ever bothering, which is good just because it stops them from filling your logs quite as much... On Fri, 6 Jul 2001, Jason Burdick wrote: > Hiding version strings is very pointless. The only use is to let admins be > a tad bit more lazy in patching so s'kiddies, who only look for version > strings for exploit purposes, will pass by the box. This doesn't stop > someone with a clue, so it's a waste of time. Patch the box correctly, and > you'll have less problems. > > Besides, Netcraft is cool. It's nice to see that I have the second longest > uptime on campus. :) > > This has been discussed many times before, check the list archives. > > Jason Burdick > System Administrator, Jester's Court Communications > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message