Am 11.08.2012 17:35, schrieb Michael Meyer: > *** Reindl Harald wrote: >> Am 11.08.2012 16:16, schrieb Michael Meyer: > >>> "man fingerprinting" >> >> man iptables >> man sysctl.conf >> >> below the fingerprinting of a nessus-scan from >> an external security scan running weekly >> >> no, this is really not a printer running >> on top of HP ProlIant 380DL :-) > > I'm not talking about OS fingerprinting. I'm talking about > fingerprinting services
and as long not nessus nor openvas can say which webserver i run my work to prevent any type of fingerprinting was well done to NOT blow out httpd/php/perl is ONE part of make service fingerprinting more difficult and each bit of making it harder can reduce the overall count of real attacks there is no 100% security in this world security at all are many pieces of many os/network/application-levels and not disclose service informations is one of them how can you disagree with this with a @greenbone.net address while a single php-warning with the typical disclose of the servers realpath has it's own NVT if this all does not raise up security?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
