>>>> To believe that this increased security is just wrong. Hiding the >>>> banner doesn't make a webserver (or other services) more secure >>>
>>> but it makes automated attacks followed by simplest scans >>> less likely in the timewindow between release of a security >>> update and install it on the machine >> > > below the fingerprinting of a nessus-scan from > an external security scan running weekly > > no, this is really not a printer running > on top of HP ProlIant 380DL :-) > > Scan: 04.08.2012 06:27:01 - 04.08.2012 06:38:38 > Betriebssystem: KYOCERA Printer > I think the main point to take is that by disrupting the fingerprinting process you can disrupt the workflow of the attacker. Whether the target is any more secure or not, strictly speaking, you are making the attacker do more work. If the attack is automated then that "more work" might not be in the attacking program's logic and you can get a big benefit. -G ------------------------------ Geoff Galitz http://www.galitz.org _______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
