Re: [Exim] hiding software type & version

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Dennis Davis
Data:  
Para: Timothy Arnold
CC: exim-users
Assunto: Re: [Exim] hiding software type & version
>From: Timothy Arnold <timothy.arnold@???>
>To: 'Suresh Ramasubramanian' <mallet@???>,
>    Timothy Arnold <timothy.arnold@???>
>Cc: "'exim-users@???'" <exim-users@???>
>Subject: RE: [Exim] hiding software type & version
>Date: Mon, 23 Dec 2002 11:58:51 -0000

>
>I realize that there might be other methods for determining what
>version of MTA/OS I am running, but why give a scriptkiddie an easy
>ride?


Quite. I'm happy to do this with most s/w *providing* it's
cheap to do. My exim configuration files usually include
the following somewhere in the main configuration section:

# Let's go almost minimal on the SMTP greeting banner. This is
# obviously only relevant if we are listening on the SMTP port.
smtp_banner = "${primary_hostname} SMTP Server ready."

--
Remember, security through obscurity isn't inherently harmful---as
long as it doesn't interfere with the deployment of real security
mechanisms.
         -- D J Bernstein


>-----Original Message-----
>From: Suresh Ramasubramanian [mailto:mallet@efn.org]
>Sent: 23 December 2002 11:44
>To: Timothy Arnold
>Cc: 'exim-users@???'
>Subject: Re: [Exim] hiding software type & version
>
>On Mon, 2002-12-23 at 16:48, Timothy Arnold wrote:
>> Hello,
>> does anyone know in v3/4 how to remove the software type & version of Exim
>> during smtp communication? We recently had an internet security scan
>> performed and they recommended that we remove this information.
>
>Oh, yet another "security by obscurity" measure? That won't ever work
>and is utterly stupid.
>
>You might want to tell whichever "expert" recommended this that there
>are quite a few other ways to fingerprint an MTA - and a whole OS.
>
>Then look for smtp_banner
>
>As long as the idiots don't have you stick a cisco pix in front of your
>exim ...