-----Original Message----- From: Michael Appeldorn [mailto:appeldorn@codixx.de] Sent: Wednesday, March 06, 2002 1:07 PM To: suse-security@suse.com; Yarrel Subject: Re: RE: [suse-security] Apache version
Security through obscurity doesn´t work.
It just works IMHO - maybe only 4 specific purposes, but it works.
This is false sense of security. It doesn´t work for security purposes.
Most of the the activity in your logs, including hack/exploit attempt are from scriptkiddies who couldn't care less what version your running. The just throw their cookbooks at your IP/firewall regardless.
e.g. you give false/faked or none replys to such telnet request, will give all, not only the kiddies, a false first impression and maybe they fail or will never find what they're searching for, cauze it's there but with a mask.
Like I said. Scriptkiddies throw everything and the kitchemsink at your box. They don´t give a damn what version your running. Check your software. Is it vulnerable ? upgrade or patch. Set appropriate permissions, enforce active/strong security ploicy for users etc. This works! Masquarading a vulnerable or potentially vulnerable machine with forged headers is IMHO ridiculous, and a waste of time. Patch and configure properly instead. /Yarrel