On Thu, 21 Jul 2005, KISHOR.MV wrote:
> How do I disable the server banner?
> I am using imap-2004d
> and the security scanner program says that my Imap4 and POP3 servers provide server banners, which are interesting for attackers

There is always a banner from the IMAP server; this is required by the protocol.

Although this information may be interesting to attackers, it is also interesting to legitimate clients. Among other things, it instructs the clients on how to log in to the server; without that information the client can not log in (or worse, will attempt an insecure method of logging in).

For example, here is a typical banner:

* OK [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS 
LOGINDISABLED AUTH=CRAM-MD5 AUTH=ANONYMOUS] imap.example.com IMAP4rev1 2005.360 
at Thu, 21 Jul 2005 11:09:42 -0700 (PDT)

Let's examine each individual element:

        * OK

Mandatory protocol element. Indicates that the server has accepted the session and is ready for the client to log in.

        [CAPABILITY ...]

Protocol element. Identifies server capabilities used to log in. The client needs this information to know what procedures it can use in logging in. Without this information, the client will attempt a deprecated and insecure means.

        imap.example.com

DNS name of the server. The client already knows this, since it connected to the server.

        IMAP4rev1 2005.360

Version number of the server.

        at Thu, 21 Jul 2005 11:09:42 -0700 (PDT)

Date/time at the server. Presumably the client has access to a clock, although it may find the server's timezone interesting to know where in the world the server is located.

In conclusion, just about the only thing that can be removed from the banner with meaningful effect is the version number of the server. You can remove the server DNS name and time, but it's a bit silly. The other stuff can't/shouldn't be removed at all.

-- Mark --

http://staff.washington.edu/mrc
Science does not emerge from voting, party politics, or public debate.
Si vis pacem, para bellum.
_______________________________________________
Imap-uw mailing list
Imap-uw@u.washington.edu
https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
