Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.
On Thu 20 Jun 2019 at 23:26:08 +1000, Andrew McGlashan wrote:
> # dpkg-query -l|grep \ exim|awk '{print $2,$3}'|column -t
> exim4 4.89-2+deb9u4
> exim4-base 4.89-2+deb9u4
> exim4-config 4.89-2+deb9u4
> exim4-daemon-heavy 4.89-2+deb9u4
> exim4-doc-html 4.89-1
>
> Is there a way to provide version of "4.92" easily or some other text
> to stop the likelihood of outsiders trying to pound on and exploit the
> server? Even though they won't be able to do successfully due to up to
> date patch status.
You really, really think changing a version number increases or
decreases the likelihood of automated server probes happening?
Doesn't doing this qualify as security through obscurity?
--
Brian.
Reply to: