Re: removing banners from cyrus

From: Clifford Thurber (no email)
Date: Tue Apr 02 2002 - 15:17:05 EST

• Next message: Andreas Meyer: "Re: your mail"
• Previous message: Michael Bartosh: "Re: Starting master on Mac OS X"
• Maybe in reply to: Clifford Thurber: "removing banners from cyrus"
• Next in thread: Steve Wright: "Re: removing banners from cyrus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

OK using your logic I will deduce that since anything on a network can be
hacked into I should not attempt to take any security precautions. Security
is applied in layers and the more layers the better. My question was not
intended to start a thread regarding security practices as that is not the
design of this list. We should drop it. I asked a question and got an answer.

At 01:59 PM 4/2/2002 -0600, Jim Levie wrote:
>On Tue, 2002-04-02 at 13:26, Ken Murchison wrote:
> >
> >
> > Clifford Thurber wrote:
> > >
> > > Ken I am just interested in suppresing platform/version information when
> > > someone telnet to port 143. Just one more layer of security.
> >
> > But by doing this, you're implying that there is a security hole in the
> > Cyrus server which can be exploited if the hacker discovers the
> > vendor/version info. Is there some known security hole in Cyrus that
> > isn't in other servers. Even if there is, I don't think that the lack
> > of info in the banner is going to stop a hacker from trying the exploit
> > anyway. Furthermore, a good hacker intent on finding Cyrus servers
> > could also detect them by look for known response strings from commands,
> > etc.
> >
>Ah yes, the old "security through obscurity" game. From what I've seen
>eliminating the server type and version has no affect on whether a
>cracker can exploit any weakness that an application has. And that's
>because the vast majority of attacks aren't done in what one would
>consider an intelligent manner. The attacker doesn't examine services to
>figure out if they are vulnerable or not. He/she simply runs a script
>that attempts to exploit all known vulnerabilities. So hiding the fact
>that you are running a certain version of Sendmail, or Cyrus, or
>whatever doesn't generally help. The attack scripts that I've recovered
>from cracked boxes (that were then used to try to crack other boxes)
>just had a big list of things to try.
>--
>=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> Jim Levie email:
>
> Dynetics Inc, Huntsville, Al Ph. 256.964.4337
> The opinions expressed above are just that...

• Next message: Andreas Meyer: "Re: your mail"
• Previous message: Michael Bartosh: "Re: Starting master on Mac OS X"
• Maybe in reply to: Clifford Thurber: "removing banners from cyrus"
• Next in thread: Steve Wright: "Re: removing banners from cyrus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]