-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Mads Toftum wrote: > It used to be that you could just stick it into the server header and be > done with it, but with recent trends of security "experts" telling > everyone to go ServerTokens Prod, that doesn't really fly.
Typical security-through-obscurity approach. I just hate that kind of "expert". I'll see that it does not become practice in this year's SANS TOP-20 (I've been a contributor to it for the last 4 years www.sans.org/top20)! - -- Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica Servicios Ofrecidos: http://www.buanzo.com.ar/pro/ Unase a los Foros GNU/Buanzo - La palabra Comunidad en su maxima expresion. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG3cRXAlpOsGhXcE0RCo0rAJ9m58S0gNj8DYy52CYMz0Sn/54ucgCfQJ/g P9Jz3pfhbALdJRuO0csuzXo= =SPAA -----END PGP SIGNATURE-----
