Ivan Ristic wrote: > > > > As Lars said (and I agree), it has nothing to do with security. Why do you > > provide such a "feature" then? > > Because I believe that changing the signature prevents some > automated tools from attacking the server. > > So, the signature > does matter. >
Without a doubt. Look at how many exploits grep on not only the "name" of the server but also the version. I didn't propose this to create (yet another) heated discussion, simply to suggest that we take ServerTokens to its logical conclusion based on some requests I've seen. :) -- =========================================================================== Jim Jagielski [|] [EMAIL PROTECTED] [|] http://www.jaguNET.com/ "A society that will trade a little liberty for a little order will lose both and deserve neither" - T.Jefferson
