This method of security through obscurity will not prevent another
hacker from chaning the worm to use one of the modified versions of the
exploit which supports brute forcing. Nor does it trick Solar Eclipse's
scanner which actually overflows and checks to see if the server
response contains our
* Ajai Khattri ([EMAIL PROTECTED]) [020919 09:02] wrote:
> Not seeing any announcement from my vendor (and not wanting to compile
> SSL from source),
> I set out to see if there was some way of avoiding being infected in the
> first place. I decided to hack my Apache (1.3.26) source code to send
Not seeing any announcement from my vendor (and not wanting to compile
SSL from source),
I set out to see if there was some way of avoiding being infected in the
first place. I decided to hack my Apache (1.3.26) source code to send a
bogus Server: header (seeing as this is how Slapper detects w
John Scimone wrote:
>Haven't seen this posted yet so figured some people might be interested, even
>though thousands of computers have already had the exploit delivered to their
>doorstep. heh the kiddies are gonna love this one.
>-sert
>___
>Full-Dis
