> > On its own, yes it is. Coupled up with regular patching of security holes,
> > monitoring of logs, a good IDS that is set up to mail/page you, correct
> > configurations, and a good background on security, it is actually useful.
>
> You are right. It would seem that we are arguing about different things,
> then. My claim that StO is a bad idea was based on the scenario that it
> is the first (and in some cases, only) trick used to "secure" a box.
> That is what I thought the discussion was about.

The original mail asked just about how to modify the apache banner.
The person was given the answer along with the advice as to not rely on this
as the only measure of protection. It was good advice.

And then Jay Dyson misunderstood the intent and purpose, and presented his
misinformed view as to why header munging should actually be avoided
(irrespective of whether additional security measures were taken or not. Or
at least his mail clearly carried that tone.) StO is actually harmful on its
own. But it can be a good additional measure along with the other security
measures.



>
> > Which only goes to prove how you have skipped studying current trends. Don't
> > take it personally, but any admin who does that, is a graver danger to his
> > network, than the most skilled cracker.
>
> I think this bit of flamage is a bit unjustified, but I will let it go.
>
> > Heard of a couple of exploits for openssh? And openssh is widely used. Ever
> > heard of this little script called sshscan/sshdscan? Go take a look at the
> > source.
>
> Sure. I am familiar with both the exploits and the scripts. But do I let
> ssh in through my firewall from anywhere? Certainly not.
>
> The point here is that a good firewall config, combined with an IDS of
> some sort and some good common sense, is a much better way of protecting
> your stuff than suppressing a few banners and pulling the security
> blanket over your eyes.
>
> And *that* is what I have been trying to say. Sorry if I was not clear
> enough. And I still stand by my claim that the vast majority of script
> kiddies' tools ignore banners and just try the exploits.
>
>
> --
> Josh Glover <[EMAIL PROTECTED]>
>
> Associate Systems Administrator
> INCOGEN, Inc.
>
