Bogus Versions


Dark Ninja
03-17-2002, 02:41 PM
I ran a Nessus scan on my system, and for the few ports I had open, I got this message:

The remote web server type is:

BLAH BLAH BLAH

We recommend that you configure your server to return a bogus version.


Where do I go to do that? Is there one specific file, or am I going to have to search my entire computer?

Thanks.


Dark Ninja

PLBlaze
03-17-2002, 03:47 PM
Well, for Apache (I think you're referring to that) you would have to edit httpd.c because the version is hardcoded after compilation... but anyway, why would anyone change the version?

Choozo
03-17-2002, 04:07 PM
One reason for changing the version to a bogus one may be to throw attackers a bit off balance? If you broadcast the correct version, they know what vulnerabilities to look for in that version.

Just a thought .....

Cheers :)

Dark Ninja
03-17-2002, 10:50 PM
That's exactly the reason. The other two servers I have running that need to be changed are CUPS and SSH - and there is no httpd.c anywhere on my system. Well... if anybody knows, I'd appreciate it.


Dark Ninja

[ 17 March 2002: Message edited by: Dark Ninja ]
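
As an added example (not part of any post in this thread), here is a small check for what a service banner gives away, covering the three services named above: the web server, CUPS and SSH. The sample responses and version strings are constructed for illustration, and the function names are hypothetical.

```python
import re

# Constructed sample responses (illustrative, not captured from a real host).
SAMPLES = {
    "web": ["HTTP/1.1 200 OK",
            "Date: Sun, 17 Mar 2002 19:41:00 GMT",
            "Server: Apache/1.3.23 (Unix) mod_ssl/2.8.7 OpenSSL/0.9.6c"],
    "cups": ["HTTP/1.1 200 OK", "Server: CUPS/1.1"],
    "ssh": ["SSH-2.0-OpenSSH_3.1p1"],
    "web_trimmed": ["HTTP/1.1 200 OK", "Server: Apache"],
}

# Matches product/version and product_version tokens,
# e.g. Apache/1.3.23 or OpenSSH_3.1p1.
TOKEN = re.compile(r"([A-Za-z][\w.+-]*?)[/_](\d[\w.]*)")


def banner_text(lines):
    """Return the software banner: the HTTP Server header value, or the
    software-version field of an SSH identification string."""
    for line in lines:
        if line.startswith("SSH-"):
            # Layout: SSH-protoversion-softwareversion [SP comments]
            parts = line.split("-", 2)
            return parts[2] if len(parts) == 3 else ""
        name, _, value = line.partition(":")
        if name.strip().lower() == "server":
            return value.strip()
    return ""


def disclosed_versions(lines):
    """List (product, version) pairs the banner gives away."""
    return TOKEN.findall(banner_text(lines))


def audit(samples):
    """Map each service name to the versions its banner discloses."""
    return {name: disclosed_versions(lines) for name, lines in samples.items()}


if __name__ == "__main__":
    for service, found in audit(SAMPLES).items():
        status = "discloses " + ", ".join(f"{p} {v}" for p, v in found) if found else "no version in banner"
        print(f"{service}: {status}")
```

In Apache, the `ServerTokens` directive controls how much of the `Server` string is sent. The software-version field of the SSH identification string is also read by clients for compatibility handling, so it is normally left intact.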