[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] How to create bogus bannerring for ftp, http and sendmail
- Subject: [cobalt-security] How to create bogus bannerring for ftp, http and sendmail
- From: "Rob van Eijk" <rob@xxxxxxxxxxxx>
- Date: Fri, 25 May 2001 16:40:44 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Just wondering if anyone could give me a tip on how to prevent scanning
software as Nessus to get to see the real version of my servers I have
running (ftp, www, sendmail).
NESSUS recommends: "We recommend that you configure your web server to
return
bogus versions, so that it makes the cracker job more difficult"
Any help is higly appreciated !
-- snip NESSUS output --
Information found on port ftp (21/tcp)
Remote FTP server banner :
proftpd 1.2.2rc1 server (proftpd) [192.168.1.2]
Information found on port smtp (25/tcp)
Remote SMTP server banner :
xxx.xxx.xxx ESMTP Sendmail 8.9.3/8.9.3
Information found on port www (80/tcp)
The remote web server type is :
Apache/1.3.6 (Unix) mod_perl/1.21 mod_ssl/2.2.8 OpenSSL/0.9.2b
[ back to the list of ports ]
Information found on port pop3 (110/tcp)
The remote POP server banner is :
+OK QPOP (version ?) at xxx.xxx.xxx starting. <21234.567890@xxxxxxxxxxx>
-- un-snip --
--
MVG,
Rob van Eijk
www.blaeu.com