Re: Someone scanned my ssh daemon
On Mon, 16 Jun 2003 at 14:26:33 +0200, Stefan Neufeind wrote:
> On 16 Jun 2003 at 7:00, Halil Demirezen wrote:
>
> > To be brief, I don't usually come accross that there is an exploit for
> > only effective to debian boxes. Plus, There are lots of ways to learn
> > what distribution you are running on your machine. telnet xxxx.com 80
> > and do some returns and you get the info you are running apache with
> > php xxx support on debian box.
> >
> > This is not only ssh case.
>
> Well, but for e.g. php I don't see why this is necessary. Anybody
> wrote a doc on how to suppress unnecessary version-messages? I'd be
> really interested in such things ...
>
In apache's config:
ServerTokens ProductOnly
ServerSignature Off
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
tomek@lodz.tpsa.pl http://www.lodz.tpsa.pl/ | ones and zeros.
Reply to: