
Re: Exim latest update reports to world as 4.89, which the world thinks is vulnerable.






On 20/6/19 11:57 pm, Brian wrote:
> On Thu 20 Jun 2019 at 23:26:08 +1000, Andrew McGlashan wrote:
> 
>> # dpkg-query -l|grep \ exim|awk '{print $2,$3}'|column -t
>> exim4               4.89-2+deb9u4
>> exim4-base          4.89-2+deb9u4
>> exim4-config        4.89-2+deb9u4
>> exim4-daemon-heavy  4.89-2+deb9u4
>> exim4-doc-html      4.89-1
>> 
>> Is there a way to provide a version of "4.92" easily or some other
>> text to stop the likelihood of outsiders trying to pound on and
>> exploit the server? Even though they won't be able to do so
>> successfully due to up-to-date patch status.
> 
> You really, really think changing a version number increases or 
> decreases the likelihood of automated server probes happening?

Yes, if "candidates" are chosen and then advertised to bots to go and
do the work, instead of doing the work against any and every server,
for sure.  If this was a quick and simple exploit, the answer would be
no, but this exploit takes considerable time before a result is known
or attained from the attempt.

> Doesn't doing this qualify as security through obscurity?

Yes, but sometimes that simply works.

Kind Regards
AndrewM

