Language Selection

English French German Italian Portuguese Spanish

Hiding Software Versions - A Step Forward to a Secure Server

Filed under
HowTos

Hiding Software Versions - A Step Forward to a Secure Server
By drendeah

Most of you may not notice, or may not care, about the software versions that get revealed by the running services on your server. By default almost all services reveal some information to the clients that use them. Among this information is the version of the software that is being run. It has always been best practice, not to reveal more than it is needed. Why reveal the version of the service when nobody needs to know it? By letting these details be seen, you don't get anything else, but an extra chance for crackers to break into your server.

Let's suppose that you have an old software running, and it's configured to show it's version. For a cracker who scans the internet periodically it will be very easy to hack into your server if he already has some knowledge about your server. You will help him narrow his attempts only to those related to your software version.

So, by hiding the software version you make life harder for hackers/crackers. Of course you should, at all times, keep your system up to date, but in case you forget or something happens and you are unable to do so, why not take extra care and give as little information as possible to the outside world.

I will now show you how to change this default behavior for some popular software on Ubuntu 8.04.1 Server.

Read the full article at:
http://www.linuxsecurityforum.org/f5/hiding-software-versions-a-step-forward-to-a-t179.html

More in Tux Machines

A scalable tool for deploying Linux containers in high-performance computing

One increasingly popular approach is container-based computing, designed to support flexible, scalable computing. Linux containers, which are just now beginning to find their way into the HPC environment, allow an application to be packaged with its entire software stack, including portions of the base operating system files, user environment variables and application "entry points." Read more

Lenovo teams up with Red Hat, offers hefty rebates in bids to boost server business (and other Red Hat news)

AMD Linux Graphics: The Latest Open-Source RadeonSI Driver Moves On To Smacking Catalyst

Following this weekend's Radeon R9 Fury open-source Linux driver tests with the DRM-Next code to be merged into Linux 4.3, the latest Mesa 11.1-devel Git code, and LLVM 3.8 SVN for the AMDGPU compiler back-end, I proceeded to run some bleeding-edge open-source Radeon Gallium3D graphics versus AMD Catalyst Linux benchmarks on Ubuntu. Read more

GNOME's Evolution 3.18 Email Client Gets a Second Beta Build with Multiple Bugfixes

The GNOME Project is currently working on updating packages for the second Beta build towards the GNOME 3.18 desktop environment, due for release later this month, on September 23. Read more