
Re: [suse-security] Obscuring OS



Bill.Light@xxxxxx wrote:
I am running a mail/web server and Netcraft says that it is Apache/1.3.28 and (Linux/SuSE).

While on one hand that is nice... Would it not be better to obscure which distro I am running and the version of Apache?

It wouldn't improve your security. Script kiddies usually run automated
exploits that don't look at your server signature. They just try to
break into servers in a certain IP-range with a certain exploit. This
means you are either vulnerable to this exploit or not. No kiddy will
look at your server signature (probably because they don't have the
right toolz to do that for them).

An experienced attacker will be able to figure out all the information
he needs even without a server signature. An experienced attacker
wouldn't blindly trust an obscured server signature anyway. So either
way: changing your server signature doesn't help you.

Switching it off doesn't hurt either I guess. Check your httpd.conf for
"ServerSignature On" and switch that to Off. Just don't expect this to
significantly improve your security.

Regards
Stefan Nordhausen
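
Added example, not part of the original message: a small audit of an httpd.conf for the two Apache directives that control version disclosure. ServerSignature governs the footer on server-generated pages, while the Server response header that Netcraft reports is governed by ServerTokens, a directive not named in the thread. The sample configuration is constructed.

```python
import re

# Constructed sample httpd.conf fragment (assumption, not from the thread).
SAMPLE_CONF = """\
# main server
ServerName www.example.org
ServerSignature On
#ServerTokens Prod
<VirtualHost *:80>
    ServerSignature EMail
</VirtualHost>
"""

# Apache's built-in defaults when a directive is absent from the config.
DEFAULTS = {"servertokens": "Full", "serversignature": "Off"}

# Matches active (uncommented) directives only; a leading '#' prevents a match.
DIRECTIVE = re.compile(r"^\s*(ServerTokens|ServerSignature)\s+(\S+)", re.IGNORECASE)


def discloses(name, value):
    """True if this setting exposes version or OS details to clients."""
    v = value.lower()
    if name == "serversignature":
        return v != "off"                    # On and EMail both print a footer
    return v not in ("prod", "productonly")  # anything else adds version/OS


def audit(conf_text):
    """Return [(directive, line_number, value)] for every disclosing setting.

    Line number 0 means the directive is absent and the default applies.
    """
    seen = {}
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if m:
            seen.setdefault(m.group(1).lower(), []).append((lineno, m.group(2)))
    findings = []
    for name, default in DEFAULTS.items():
        for lineno, value in seen.get(name, [(0, default)]):
            if discloses(name, value):
                findings.append((name, lineno, value))
    return findings


if __name__ == "__main__":
    for name, lineno, value in audit(SAMPLE_CONF):
        where = f"line {lineno}" if lineno else "default (not set)"
        print(f"{name}: {value} at {where}")
```
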


