Re: [cobalt-security] New SSL Patch -- did anything happen ?
- Subject: Re: [cobalt-security] New SSL Patch -- did anything happen ?
- From: "K-IM" <k-imaiz@xxxxxxxxxxxxxxxxx>
- Date: Tue, 8 Oct 2002 17:56:15 +0900
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi, all.
I am sorry for my bad English, because I understand Japanese.
>> Try setting ServerTokens Min in /etc/httpd/conf/httpd.conf and
>> /etc/admserv/conf/httpd.conf instead of ProductOnly.
> Which is better, but I'd like to get rid of that version. Slapper can still use it.
Yes, I agree completely.
And I fear being attacked by someone who uses an EXPLOITable attacking tool.
The attacking tool does not use the ServerTokens version, because a Black Hat
Attacker already knows my server's version anyway.
It is a matter of course that the Worm is automatic; the Worm must know our server's
version. But a man who will attack my server already knows the attacking
method which is alike and suitable for the situation, the version of my server.
The attacking tool is known. It was opened to the public.
> Which is better, but I'd like to get rid of that version. Slapper can still use it.
Yes, a Subspecies Worm sees version Apache 1.3.6, then the Subspecies Worm
knows IT IS COBALT RAQ3! (Do other servers use 1.3.6? NO!)
Best Regards.