12 Jun
2008
12 Jun
'08
11:20 p.m.
Yeah, but it's a really minor one. There are tools out there that will give you detailed information on systems by analyzing packets and support for certain things. Yo recuerdo Queso!
Security by obscurity helps, but not much. Patching, firewalling, and restricting services/access are orders of magnitude more important. :)
Jeffrey.
On Thu, Jun 12, 2008 at 6:07 PM, Geoffrion, Ron P [IT] [email protected] wrote:
Is it necessarily considered poor web server configuration to be able to telnet into a webserver and pull off the server info?
It is considered a security vunerability. By revealing OS/webserver version, you advertise potential attack vectors.
\
--
"He that would make his own liberty secure must guard even his enemy
from oppression; for if he violates this duty he establishes a
precedent that will reach to himself." -- Thomas Paine