Hardly. Sometimes people are harmless if they don't know your version numbers.
At present exploits are merely bullets (and that's only if they've been standardised to fit into another piece of software).... fear the gun. Currently, hackers are not telnetting to your port 22 seeing if you have an exploitable SSH and running an appropriate exploit against them. They are verifying your versions via the banner with SOFTWARE and AUTOMATICALLY running "standardised" exploits and AUTOMATICALLY rootkitting people. Presently, I have 3 major checks against all my binaries (more coming). Rootkitting me is probably not a smart thing to do, however I took all the version numbers off my service banners anyhow. This is a FAST and EASY fix for some people. Be bloody told, taking the banners off fools the regexp - it will fool a lot of programs (the gun) that "autohack". Remember, even the "real" hackers need little sites to bounce off at the least. They TOO use these bulk scanners for such things at times I'm sure. I know for myself, if I really want to know the basics about a system I use this: http://ar.com.au/~thefinn/hv.c Perhaps it's better to be secure AND obscure. Bored with this conversation, it's OLD. l8r, TheFinn. On Wed, 5 Jun 2002 00:03, Meritt James wrote: > BINGO! > > "Jay D. Dyson" wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On Tue, 4 Jun 2002, Meritt James wrote: > > > > ...but be advised: banner obfuscation provides no real security > > > > benefit. Security through obscurity ain't. > > > > > > Nice filter to keep out the harmless... > > > > If they're harmless, they are no threat. If there is no threat > > from the beginning, then please explain the security benefit. > > > > Besides, what good is it if a banner alteration turns away Joe or > > Jane Scriptkiddy if the next visitor is Nimda on rollerskates? > > > > My assessment stands: security through obscurity ain't. > > > > - -Jay > > > > ( ( _______ > > )) )) .--"There's always time for a good cup of coffee"--. > > >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- [EMAIL PROTECTED] > > ------<) | = |-' `--' `--' `-- I'll be diplomatic...when I run out of > > ammo. --' `------' > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.0.7 (TreacherOS) > > Comment: See http://www.treachery.net/~jdyson/ for current keys. > > > > iD8DBQE8/MciGI2IHblM+8ERAjETAJ4smfidvaqEulcIPO87y0iaRAx0dgCgit3F > > lj4kiUDR0v/VQstnMuXcG+U= > > =sX9j > > -----END PGP SIGNATURE-----
