As stated by another poster, there is plenty of software that can tell what version you are running, even if you disable the banners. All that disabling the banner does is make idiots feel comfortable. The only way, short of an expensive in-line IDS, to stop exploits is to patch or disable the software with 'kill <process>'. How does the version hiding help if the software has a list of, say, 10 holes to probe for, and can do so in mere seconds? Ones that fail, oh well. Ones that pass, you're compromised. Banner, version info or not, didn't help.

Believe in what you will.

On Wed, 14 Sep 2005, Timo Schoeler wrote:

Date: Wed, 14 Sep 2005 13:09:20 +0200
From: Timo Schoeler <[EMAIL PROTECTED]>
To: Alexander Dalloz <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], info-cyrus@lists.andrew.cmu.edu
Subject: Re: Hiding Banner

         I am new to Cyrus. I have managed to install cyrus-imapd
2.2.12-9 on FC1. For security reasons, I need to change the banner of
the cyrus-imapd server. When I do telnet localhost 110, I get * OK
netserv Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-9 server ready. How can
I change it as per my requirement? I have the source RPM with me.
Can anybody help me out?


Amod Sutavane.


http://www.google.com/search?hl=en&q=security+by+obscurity&btnG=Google+Search

Better keep your system secure

yes.

than trying to camouflage.

nope. a combination of both :)

imagine running production systems, a bug in the current stable is
discovered but (as you run production systems) you're not able to
upgrade them within a few minutes and in the mid of a week.

hiding the daemon from a possible intruder is /very/ nice in this case.

not everybody is willing to run beta software/bleeding edge early
adopter's stuff on a PeeCee w/o redundant PSUs/HDs/etc. w/o ECC
connected to an ADSL line. however, there's a lot of people willing to
do so. but that's not a sign for the best solution (TM).

Btw. you are running an EOL (end of lifetime) Linux distribution
release. Think about that.

Alexander

cheers,

timo
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
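
An added example, not part of the original thread or of Cyrus itself: a small Python check an administrator can run over greeting lines captured from their own servers to see exactly what the banner quoted above hands to an unauthenticated client. The function name and the two "hidden" sample lines are constructed for illustration; the first sample is the banner from the original question.

```python
import re

# IMAP servers greet with "* OK ...", POP3 servers with "+OK ...".
GREETING = re.compile(r"^(?P<tag>\* OK|\+OK)\s+(?P<rest>.*)$")
# Dotted version number (optional "v" prefix) plus any packaging suffix.
# Requiring a dot keeps protocol names such as "IMAP4" from matching.
VERSION = re.compile(r"\bv?(?P<ver>\d+(?:\.\d+)+)(?P<pkg>[-\w.]*)")
# POP3 APOP challenge, e.g. <1896.697170952@host>: digits, but not a version.
APOP = re.compile(r"<[^>]*>")


def audit_greeting(line):
    """Report what one greeting line discloses before authentication."""
    result = {"protocol": None, "version": None,
              "packaging": None, "discloses": False}
    m = GREETING.match(line.strip())
    if not m:
        return result  # not an IMAP/POP3 greeting
    result["protocol"] = "imap" if m.group("tag") == "* OK" else "pop3"
    rest = APOP.sub("", m.group("rest"))  # avoid an APOP false positive
    v = VERSION.search(rest)
    if v:
        result["version"] = v.group("ver")
        result["packaging"] = v.group("pkg").lstrip("-") or None
        result["discloses"] = True
    return result


if __name__ == "__main__":
    samples = [
        # Banner quoted in the original question.
        "* OK netserv Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-9 server ready",
        # Constructed: greeting with version information removed.
        "* OK netserv server ready",
        # Constructed: POP3 greeting with an APOP challenge and no version.
        "+OK server ready <1896.697170952@netserv>",
    ]
    for s in samples:
        print(audit_greeting(s), "<-", s)
```

A greeting that reports no version only means the banner is quiet; as the first poster argues, it says nothing about whether the daemon behind it is patched.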

