You answer your own question. Something as simple as changing banners can stop some automated scripts and keep out some wannabe script-kiddies. You are right that it doesn't provide any *real* security, but it does help to stop some scripts and slow down some attackers. And although it might be a small step, the more steps can add to slow down an attacker, the better chance I have of keeping them out. Maybe they'll get tired of peeling through the layers. Maybe it thwarts a dumb script. I run my webserver on a different port than 80. It may not add any "security", but it keeps Code Red and Nimda from clogging my logs all day.
Let's face it, most attacks come from script-kiddies looking for the weakest host, not real crackers targeting your domain. And if modifying a banner or changing a port number keeps out one or the other, than it is worth it. I'll still use other means to beef up my *real* security, but every little bit helps. Brownfox -----Original Message----- From: Jay D. Dyson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 9:57 AM To: Meritt James Cc: Pinsky Dan; [EMAIL PROTECTED] Subject: Re: security through obscurity (was: Re: remove apache os banner -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 4 Jun 2002, Meritt James wrote: > > ...but be advised: banner obfuscation provides no real security > > benefit. Security through obscurity ain't. > > Nice filter to keep out the harmless... If they're harmless, they are no threat. If there is no threat from the beginning, then please explain the security benefit. Besides, what good is it if a banner alteration turns away Joe or Jane Scriptkiddy if the next visitor is Nimda on rollerskates? My assessment stands: security through obscurity ain't. - -Jay ( ( _______ )) )) .--"There's always time for a good cup of coffee"--. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- [EMAIL PROTECTED] ------<) | = |-' `--' `--' `-- I'll be diplomatic...when I run out of ammo. --' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iD8DBQE8/MciGI2IHblM+8ERAjETAJ4smfidvaqEulcIPO87y0iaRAx0dgCgit3F lj4kiUDR0v/VQstnMuXcG+U= =sX9j -----END PGP SIGNATURE-----
