RE: [Exim] hiding software type & version

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Timothy Arnold
Date:  
À: 'Suresh Ramasubramanian', Timothy Arnold
CC: 'exim-users@exim.org'
Sujet: RE: [Exim] hiding software type & version
I realize that there might be other methods for determining what version of
MTA/OS I am running, but why give a scriptkiddie an easy ride?

Regards,
Tim.

-----Original Message-----
From: Suresh Ramasubramanian [mailto:mallet@efn.org]
Sent: 23 December 2002 11:44
To: Timothy Arnold
Cc: 'exim-users@???'
Subject: Re: [Exim] hiding software type & version

On Mon, 2002-12-23 at 16:48, Timothy Arnold wrote:
> Hello,
> does anyone know in v3/4 how to remove the software type & version of Exim
> during smtp communication? We recently had an internet security scan
> performed and they recommended that we remove this information.


Oh, yet another "security by obscurity" measure? That won't ever work
and is utterly stupid.

You might want to tell whichever "expert" recommended this that there
are quite a few other ways to fingerprint an MTA - and a whole OS.

Then look for smtp_banner

As long as the idiots don't have you stick a cisco pix in front of your
exim ...

    srs




**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************