Re: [Exim] hiding software type & version

Top Page
Delete this message
Reply to this message
Author: John Ward
Date:  
To: Suresh Ramasubramanian, Timothy Arnold
CC: 'exim-users@exim.org'
Subject: Re: [Exim] hiding software type & version
Sounds like another poor company falling prey to "Auditors". Boy are they in
for a good money spending session.

On Monday 23 December 2002 01:43 pm, Suresh Ramasubramanian wrote:
> On Mon, 2002-12-23 at 16:48, Timothy Arnold wrote:
> > Hello,
> > does anyone know in v3/4 how to remove the software type & version of
> > Exim during smtp communication? We recently had an internet security scan
> > performed and they recommended that we remove this information.
>
> Oh, yet another "security by obscurity" measure? That won't ever work
> and is utterly stupid.
>
> You might want to tell whichever "expert" recommended this that there
> are quite a few other ways to fingerprint an MTA - and a whole OS.
>
> Then look for smtp_banner
>
> As long as the idiots don't have you stick a cisco pix in front of your
> exim ...
>
>     srs


--
Thank-you for your time.

John Ward