There are several references describing why it is a Good Thing(tm) to =
edit the banner:
http://www.ibm.com/linux/Securing_Linux_Servers_xSP_external.pdf
http://rr.sans.org/infowar/fingerprint.php
http://www.net.ohio-state.edu/security/talks/199x_state-of-the-hack/state=
-of-hack.pdf
http://www.csnc.ch/downloads/docs/hardening/SolarisHardening_CSNC.pdf
http://www.microsoft.com/technet/security/prodtech/mailexch/opsguide/e2ks=
ec03.asp
http://www.greyhats.org/outils/smtpscan/remote_smtp_detect.pdf =
(identifies xmail too)
While some might consider this as -security by obscurity- that might =
give a false sense of security. It still helps a _bit_. And every little =
bit helps.
All security scanners also checks for such banners and xmail will give =
much info on the scanned system: mail service, os, date, timezone. While =
some of these data can be retrieved by other means (os: nmap, date: icmp =
request) you should usually try to make it as hard as possible. As we've =
found in one of the documents above, also xmail can be successfully =
identified without the use of greeting banners (along with 76 other mail =
servers (including different versions of the same software)).
While xmail might not get this feature any soon, there are many commonly =
used mail servers that has this feature available now. IMHO such a =
feature is useful.
Lars
> -----Original Message-----
> From: Shawn Anderson [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 05, 2002 03:19
> To: [EMAIL PROTECTED]
> Subject: [xmail] Re: greeting banner
>=20
>=20
>=20
> Hmm,
> I think we need to talk all the arguments for this topic and
> make an FAQ so that we can point people to it in the future :-p
>=20
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]
