httpd-users mailing list archives

From Joshua Slive <jos...@slive.ca>
Subject RE: [users@httpd] Apache/1.3.28 Server at foo.bar.edu Port 80
Date Tue, 18 Nov 2003 15:23:28 GMT

[This thread has pretty much concluded in my absence, but there are a
couple things here I should really correct.]

On Tue, 18 Nov 2003, Rafael Faura wrote:
> --- Fortunately we aren't talking about IIS ;). My logs are full of IIS
> unicode/decode attempt exploit lines, nothing that can affect Apache. And
> script kiddies, especially script kiddies, have **no idea** about exploiting
> Apache bugs, they only run simple IIS unicode/decode scanners.

Not at all true.  I don't know of any worms targeting the core Apache
code, but there have certainly been worms targeting Apache together with
certain other programs.  Take the recent OpenSSL worm, for example.

> 2. Smart crackers can easily figure out this information with high
> accuracy regardless of whether you display it publicly.
>
> --- Smart crackers?... well, I suppose that you're talking about smart
> hackers.

See: http://www.catb.org/~esr/jargon/html/C/cracker.html

Personally, I don't have any problem with people mucking with their
ServerSignature and Server: header; you can do what you want with your own
server.  But I do have a problem with people recommending this as a
security enhancement.  It's not.

Joshua.
