('binary' encoding is not supported, stored as-is)
In-Reply-To: <001501c30c3e$a5f21fc0$1500020a_at_bigdog>
>You will need to modify the source code. Unfortunately
that won't really
>fool anyone. Error messages, header formats/etc all
provide plenty of
>information. Check out Rain.Forest.Puppy's
presentation on this and his
>whisker tool available at wiretrip.net.
>
>
>In any event it doesn't matter, most "generic" web
attacks I have seen are
>not targeted, they simply take a shotgun approach, or
if it's a worm it just
>blasts out at everyone. Much better to spend the time
and effort keeping
>Apache up to date.
>
>
>Kurt Seifried, kurt_at_seifried.org
>A15B BEE5 B391 B9AD B0EF
>AEB0 AD63 0B4E AD56 E574
>http://seifried.org/security/
What you said is true but the problem that we use an
rpm version for apache.
Eliminating this information (apache version) for
avoiding target attacks that can be done on a
vulnerable version when the administrator has not
discover this vulnerability, so this eliminates some
cases or kinds of skilled attackers
Thanks for informations that you have provided
Received on Apr 28 2003
Intro
