Obscurity is certainly not an excellent defense by itself, but it helps when you look at security as a big picture.
One of my machines just got hacked this morning by someone in Brazil. We had an old version of the W-Agora bulletin board software in use, and it just happened to contain a PHP script capable of remotely executing commands as the webserver. Unpublished and unknown to everyone, of coarse. Luckily, the hackers weren't terribly malicious, and they just put an image on our homepage (didn't go after our password files or anything), but I don't think it would have happened if we hadn't disclosed the W-Agora version we were running. Of coarse, it also wouldn't have happened if W-Agora's programmers weren't stupid enough to allow arbitrary command execution via GET, or if the W-Agora team had bothered to mention that this exploit existed in the first place so that I could upgrade! I guess I'm just saying that Obscurity is useful for protecting vulnerabilities that may exist, even though no-one knows about them. It a hacker finds a vulnerability that works for a certain version range, then he's going to look for that version range when he tries to exploit it. Denying access to version information may just prevent an attack. But it's certainly not the best defense. Jesse On Monday 20 January 2003 14:36, Jason R. Mastaler wrote: > Eric <[EMAIL PROTECTED]> writes: > > Some security policies often require that version numbers not be > > disclosed. > > Well, that's security by obscurity which I've never thought was a good > idea. Also, no vulnerabilities have been found in TMDA to my > knowledge. > > Anyway, I just remembered that you could probably strip > X-Delivery-Agent by setting PURGED_HEADERS. > > PURGED_HEADERS = ['bcc', 'resent-bcc', 'x-delivery-agent'] > > See http://tmda.net/config-vars.html#PURGED_HEADERS for more info. > _____________________________________________ > tmda-users mailing list ([EMAIL PROTECTED]) > http://tmda.net/lists/listinfo/tmda-users -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net We are actively looking for companies that do a lot of long distance faxing and want to cut their long distance bill by up to 50%. Contact [EMAIL PROTECTED] for more info. _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
