also sprach Thom May <thom@debian.org> [2003.07.29.1027 +0200]: > No, obscurity is almost never a useful measure. Unless you have > exploitable software that you don't want people to know about. This is a debateable issue. Note that I am not saying that obscurity is a security mechanism. But what I am saying is that given security of a system, obscurity is a means to make snooping more difficult. I believe that security must be unaffected by how much an attacker knows about my infrastructure and servers. However, I also don't see *any* reason why Apache should advertise its version number. It's extra information that is not needed by anyone other than curious admins. -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
pgpXd2ZJdStgR.pgp
Description: PGP signature