[ale] SSHD reports version info!?

Geoffrey esoteric at 3times25.net
Thu Feb 19 15:06:15 EST 2004


matty91 at bellsouth.net wrote:
> On Thu, 19 Feb 2004, Michael H. Warfield wrote:

>>	Not really.  If you didn't, an attack can just throw a broad
>>spectrum attack at you, no gain.  Someone scanning would spot you and
>>just assume that you are obfuscating the information because you're too
>>lazy to keep your software up to date and flag you for that extra special
>>attention they like to provide from time to time, just after an exploit
>>release.
> 
> 
> I am not so sure I agree with this. Most of the script kiddie utilities
> do pattern matching based on banner information. While this doesn't
> protect you from someone with a clue, it would help you deflect
> attacks from the ppl d/l'ing sploits on the web.

All I'll say is you're arguing with the wrong guy. ;)


-- 
Until later, Geoffrey                     Registered Linux User #108567
Building secure systems inspite of Microsoft



More information about the Ale mailing list