Language Selection

English French German Italian Portuguese Spanish

Hiding Software Versions - A Step Forward to a Secure Server

Filed under
HowTos

Hiding Software Versions - A Step Forward to a Secure Server
By drendeah

Most of you may not notice, or may not care, about the software versions that get revealed by the running services on your server. By default almost all services reveal some information to the clients that use them. Among this information is the version of the software that is being run. It has always been best practice, not to reveal more than it is needed. Why reveal the version of the service when nobody needs to know it? By letting these details be seen, you don't get anything else, but an extra chance for crackers to break into your server.

Let's suppose that you have an old software running, and it's configured to show it's version. For a cracker who scans the internet periodically it will be very easy to hack into your server if he already has some knowledge about your server. You will help him narrow his attempts only to those related to your software version.

So, by hiding the software version you make life harder for hackers/crackers. Of course you should, at all times, keep your system up to date, but in case you forget or something happens and you are unable to do so, why not take extra care and give as little information as possible to the outside world.

I will now show you how to change this default behavior for some popular software on Ubuntu 8.04.1 Server.

Read the full article at:
http://www.linuxsecurityforum.org/f5/hiding-software-versions-a-step-forward-to-a-t179.html

More in Tux Machines

Tanglu 3.0 Alpha Out Now Based on Debian 8 Jessie, Offers GNOME 3.16 and KDE Plasma 5

Matthias Klumpp announced today, April 18, the immediate availability for download and testing of the first Alpha version of the upcoming Tanglu 3 Linux operating system. Read more

EXT4 In Linux 4.1 Adds File-System Level Encryption

The EXT4 file-system updates for the Linux 4.1 kernel have been sent in and it features the file-system-level encryption support. Earlier this month we wrote about the newly-published patches for EXT4 encryption support coming out of Google and intended to land in the next major release of Android. Those patches for file-system-level encryption will now be landing upstream with the Linux 4.1 kernel update. Besides this native encryption support for EXT4, the rest of the updates for this merge window pull request equate to mainly fixes. More details via the pull request itself. Read more

Manjaro Linux 0.8.13 Pre1 Released for Testing with KDE Plasma 5.2.2 and Xfce 4.12

The Manjaro development team announced that the first Preview release of the upcoming Manjaro Linux 0.8.13 operating system is now available for download in Xfce and KDE Live CD flavors. Read more