[nycphp-talk] Basic security question
inforequest
sm11szw02 at sneakemail.com
Sat Jul 17 11:37:03 EDT 2004
Paul Reinheimer preinheimer-at-gmail.com |nyphp 04/2004| wrote:
>for every peice of information they want. Set the apache server string
>to claim it is some recent release of IIS, tell all the services not
>
>
I can't think of anything I would want *less* than probes thinking my
box is IIS. My log would be full of 256+ length "XXXX" strings, .exec
hack attempts, worm hole seekers, etc. And if a cracker actually was
fooled enough to think my box WAS some form of hardened IIS, then the
script kiddies would surely try everything against it, fully confident
that something would work.
I think having identify itself as SecureBSD or perhaps
name_a_planet(@random) would be less of a liability.
More information about the talk
mailing list