> It raises the question of whether there exists a set of instructions
> to follow that will achieve the goal of completely masking the fact
> that you are running ColdFusion, even from fingerprinting scan tools.
> I have never seen any whitepapers on this and would assume that none
> exist. Some major Web sites obscure what application server they are
> using for security reasons.

I think this would be extremely difficult, as there are a lot of
potential URL patterns that will provide a CF-specific response. While
some sites attempt to obscure what application server they're running,
I don't think it's effective enough to warrant the implementation
time.

> If you are able to successfully hide which application server you are
> running then your site should be more secure. Imagine if a major
> vulnerability were discovered with a feature of ColdFusion, such as
> with the FCKEditor. A hacker might create a simple automated hack
> script using Google search results as a list of target sites. If your
> site doesn't come up in any search engine when searching for
> "index.cfm," then you are better protected from that type of random
> automated attack.

Looking at the number of requests I see in the server logs that have
nothing to do with anything I've installed on the server, I suspect
that most random automated attacks don't even attempt to determine if
you have a specific application server installed - after all, why
bother? You might as well just request the URL that'll trigger the
vulnerability if it exists.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.
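The two points above (that many URL patterns give a ColdFusion-specific response, and that blind probes for paths you never installed show up in the logs regardless) can be checked mechanically. The following is an added example, not code from the original thread or from Fig Leaf: a small fingerprint checker run over constructed HTTP responses, and a log filter that picks out requests to paths the server does not host and counts the ColdFusion-shaped ones per client. The probe patterns (/CFIDE/, .cfm/.cfc extensions, /fckeditor/), the CFID/CFTOKEN cookie names and the response bodies are assumptions and constructed samples chosen for illustration, not taken from the page.

```python
"""Added example (not part of the cf-talk post): detect ColdFusion
fingerprints in HTTP responses and count blind probe traffic in logs.
All sample responses and log lines below are constructed."""
import re
from collections import Counter
from typing import Dict, List, Tuple

# URL shapes a scanner would try to elicit a ColdFusion-specific answer.
# These are assumptions about a typical probe list, not from the page.
CF_PROBE_PATTERNS = [
    re.compile(r"^/cfide/", re.I),       # ColdFusion admin/scripts directory
    re.compile(r"\.cfm$", re.I),         # ColdFusion template extension
    re.compile(r"\.cfc$", re.I),         # ColdFusion component extension
    re.compile(r"/fckeditor/", re.I),    # bundled editor mentioned in the thread
]

# Apache/IIS-style combined log line: client, identd, user, [time], "req", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

Response = Tuple[int, Dict[str, str], str]  # (status, headers, body)


def response_markers(status: int, headers: Dict[str, str], body: str) -> List[str]:
    """Return the ColdFusion tells visible in one response, in a fixed order."""
    found: List[str] = []
    h = {k.lower(): v for k, v in headers.items()}
    for name in ("server", "x-powered-by"):
        if "coldfusion" in h.get(name, "").lower():
            found.append("header:" + name)
    loc = h.get("location", "").lower()
    if ".cfm" in loc or "/cfide/" in loc:
        found.append("location")           # redirect target names a CF path
    for cookie in h.get("set-cookie", "").split(","):
        cname = cookie.strip().split("=", 1)[0].upper()
        if cname in ("CFID", "CFTOKEN"):   # ColdFusion client-variable cookies
            found.append("cookie:" + cname)
    if "coldfusion" in body.lower():
        found.append("body:coldfusion")    # product name in an error page
    return found


def fingerprint(responses: Dict[str, Response]) -> Dict[str, List[str]]:
    """Map each probed path to its tells; paths with no tells are dropped."""
    result: Dict[str, List[str]] = {}
    for path, (status, headers, body) in responses.items():
        markers = response_markers(status, headers, body)
        if markers:
            result[path] = markers
    return result


def unhosted_requests(lines: List[str], hosted_prefixes: Tuple[str, ...]) -> List[Tuple[str, str]]:
    """(client, path) for every request whose path is not under a hosted prefix."""
    out: List[Tuple[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                        # skip malformed lines rather than fail
        path = m.group("path").split("?", 1)[0]
        if not any(path.startswith(p) for p in hosted_prefixes):
            out.append((m.group("ip"), path))
    return out


def cf_probe_counter(pairs: List[Tuple[str, str]]) -> Counter:
    """Count, per client, the unhosted requests that look like ColdFusion probes."""
    return Counter(ip for ip, path in pairs
                   if any(p.search(path) for p in CF_PROBE_PATTERNS))


# Constructed responses a scanner might get back from a CF-backed site.
SAMPLE_RESPONSES: Dict[str, Response] = {
    "/": (200, {"Server": "Apache"}, "<html><body>Welcome</body></html>"),
    "/index.cfm": (200, {"Server": "Apache",
                         "Set-Cookie": "CFID=4711; path=/, CFTOKEN=12345678; path=/"},
                   "<html><body>Welcome</body></html>"),
    "/CFIDE/administrator/": (302, {"Server": "Apache",
                                    "Location": "/CFIDE/administrator/login.cfm"}, ""),
    "/doesnotexist.cfm": (404, {"Server": "Apache"},
                          "<html><body>Error: ColdFusion could not find the template.</body></html>"),
}

# Constructed log lines: one client walking a probe list, two unrelated requests.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2010:13:55:36 -0700] "GET /CFIDE/administrator/index.cfm HTTP/1.1" 404 212',
    '203.0.113.5 - - [10/Oct/2010:13:55:37 -0700] "GET /fckeditor/editor/filemanager/ HTTP/1.1" 404 212',
    '198.51.100.7 - - [10/Oct/2010:13:56:01 -0700] "GET /index.html HTTP/1.1" 200 1043',
    '203.0.113.5 - - [10/Oct/2010:13:55:38 -0700] "GET /index.cfm?x=1 HTTP/1.1" 404 212',
    '192.0.2.9 - - [10/Oct/2010:13:57:10 -0700] "POST /wp-login.php HTTP/1.1" 404 212',
]

if __name__ == "__main__":
    for path, tells in fingerprint(SAMPLE_RESPONSES).items():
        print(f"{path}: {', '.join(tells)}")
    pairs = unhosted_requests(SAMPLE_LOG, ("/index.html", "/static/"))
    print(f"{len(pairs)} requests for paths this server does not host")
    print(dict(cf_probe_counter(pairs)))
```

Note what the two halves show: even with a generic Server header, the session cookies, the redirect target and the error page each leak ColdFusion on their own, which is why hiding it needs more than a header rewrite; and in the log sample the same client requests /CFIDE/ and /fckeditor/ paths without first asking whether the server runs ColdFusion at all, which is the behaviour the reply describes. The hosted-prefix tuple is an assumption you would replace with your own site layout.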

Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:334563