DaemonForums  

#1
1st August 2008
samile
New User

Join Date: Jul 2008
Posts: 4
Thanked 0 Times in 0 Posts
Apache response to "OPTIONS * HTTP/1.0"

Hello, I have read my Apache log and I found some "OPTIONS * HTTP/1.0" requests. I have tested with telnet, sending the same request, and my Apache responds:
Server: Apache/2.2.9 (FreeBSD) PHP/5.2.6 with Suhosin-Patch

I don't like that; hackers can know my version of Apache and PHP.

How to change that?

Because I have made some tests on another server and I receive just:
Server : Apache

Last edited by samile; 1st August 2008 at 09:17 PM. Reason: I have the last PcBSD. look my other post for complete version
#2
1st August 2008
dk_netsvil
Real Name: Devon
Fdisk Soldier

Join Date: May 2008
Location: New York
Posts: 75
Thanked 7 Times in 7 Posts

I think that the modification you want to make is really just an act of sleight of hand - anyone that really wants to know can very easily determine your versions of apache, php and openssl. Additionally, there are a number of fingerprinting applications that can provide them with your OS and OS version, too.

That said, here is a tutorial that may help you accomplish this.

Really, though, active protection like mod_security and phpIDS might do more to protect you than simply not displaying those version numbers.
#3
1st August 2008
samile
New User

Join Date: Jul 2008
Posts: 4
Thanked 0 Times in 0 Posts

I'm happy, my Apache responds "Apache" now.
Thx very much.
I host just my personal website. I don't need very much security for the scripting.
Thx thx thx.

Last edited by samile; 1st August 2008 at 09:50 PM. Reason: And sorry for my english ;-)
#4
1st August 2008
BSDfan666
Real Name: N/A, this is the interweb.
Helpful companion

Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts

Security through obscurity == Bad idea.

There was a discussion on the OpenBSD mailing list, someone asked how to hide the OpenSSH version identification... Theo struck them down.

Anyway, the point is, instead of hiding the version... keep on it, look out for vulnerabilities and maintain the machine "you" put on the Internet.

If that's too hard for you, look up the <Limit> directive.
#5
1st August 2008
samile
New User

Join Date: Jul 2008
Posts: 4
Thanked 0 Times in 0 Posts

I'm medium on administration but I'm a developer, and I protect my script. I read my log. But to maintain the machine up to date, it's another problem (I'm very busy)...

I have kicked the bruteforce on ssh with PF.
And I have only ssh/apache/php/mysql running.
I have put clamav just to "reassure" me.
And I try to read my log and my system mail every weekend (I have only 1 user, me (and root), and 1 website of 5 pages).

Last edited by samile; 1st August 2008 at 10:03 PM. Reason: Hiding version + up to date = more secure
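
The banner check discussed in this thread, as an added example that is not part of any post: a Python script that parses a response and lists what its banner headers disclose. The two sample responses are constructed around the `Server` lines quoted in post #1, and the function names are hypothetical. On Apache httpd, `ServerTokens Prod` is the directive that reduces the header to `Server: Apache`.

```python
import re

# Constructed sample responses: the first reuses the banner quoted in post #1,
# the second is the reduced banner the poster saw on another server.
VERBOSE = (b"HTTP/1.1 200 OK\r\n"
           b"Date: Fri, 01 Aug 2008 20:00:00 GMT\r\n"
           b"Server: Apache/2.2.9 (FreeBSD) PHP/5.2.6 with Suhosin-Patch\r\n"
           b"Allow: GET,HEAD,POST,OPTIONS,TRACE\r\n"
           b"Content-Length: 0\r\n\r\n")
MINIMAL = b"HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Length: 0\r\n\r\n"

# Headers that commonly carry software banners.
BANNER_HEADERS = ("server", "x-powered-by")
PRODUCT = re.compile(r"([A-Za-z][\w.+-]*)/(\d[\w.+-]*)")   # name/version
COMMENT = re.compile(r"\(([^)]*)\)")                       # (platform)


def parse_headers(raw: bytes) -> dict:
    """Return the header block of a raw HTTP response as {lowercase-name: value}."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def banner_findings(raw: bytes) -> list:
    """List (header, kind, detail) tuples for every version or platform leak."""
    findings = []
    headers = parse_headers(raw)
    for name in BANNER_HEADERS:
        value = headers.get(name, "")
        for product, version in PRODUCT.findall(value):
            findings.append((name, "version", f"{product} {version}"))
        for platform in COMMENT.findall(value):
            findings.append((name, "platform", platform))
        rest = COMMENT.sub("", PRODUCT.sub("", value)).split()
        if rest and PRODUCT.search(value):       # trailing module text, e.g. patches
            findings.append((name, "extra", " ".join(rest)))
    return findings


if __name__ == "__main__":
    for label, raw in (("verbose", VERBOSE), ("minimal", MINIMAL)):
        print(label, banner_findings(raw) or "no version details disclosed")
```

An empty result only means the headers carry no version strings; as post #2 notes, fingerprinting tools can still identify the software by other means.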