RE: [Exim] hiding software type & version

Página Inicial
Delete this message
Reply to this message
Autor: Timothy Arnold
Data:  
Para: 'Jan Johansson', Timothy Arnold, exim-users
Assunto: RE: [Exim] hiding software type & version
We use a company called NTA Monitor.

This was only a 'Low' warning, but I still think, for the sake of one line
in a configuration file, is a very good thing to do. Why should we give them
any more information than we need to?

Regards,
Tim.

-----Original Message-----
From: Jan Johansson [mailto:jan.johansson@nwl.se]
Sent: 23 December 2002 12:51
To: 'Timothy Arnold'; exim-users@???
Subject: RE: [Exim] hiding software type & version

>does anyone know in v3/4 how to remove the software type & version of

Exim
>during smtp communication? We recently had an internet security scan
>performed and they recommended that we remove this information.


None of the SMTP exploit scanners I have seen lately uses the banner in
the first place they fingerprint in other fashions.


Who recommended hiding this info? From my experience, this
recommendation is one of the
"We-can-always-find-something-to-make-the-customer-think-they-are-more-v
unerable-then-they-are"-things.


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************