Penetration Testing mailing list archives
Re: Avoiding Postfix Fingerprinting
From: Joachim Schipper <j.schipper () math uu nl>
Date: Tue, 8 Mar 2005 17:49:56 +0100
On Tue, Mar 08, 2005 at 12:20:24PM +0100, Isidro Labrador wrote:
I have run nessus against a remote machine, and it has discovered that the server is running postfix 1.1.11. Nessus has fingerprinted the server through smtpscan (plugin 11421). The question is: is there a way to avoid being fingerprinted in Postfix? Thanks in advance for your answers, Regardes Isidro Labrador Rodr?guez
See postconf(5), under smtpd_banner. (I'm pretty sure Nessus just grabs
the banner; however, some more advanced fingerprinting is possible, if
someone is very knowledgeable.)
Joachim
Current thread:
- Null Session Wbsony (Mar 07)
- Re: Null Session H D Moore (Mar 07)
- Avoiding Postfix Fingerprinting Isidro Labrador (Mar 08)
- Re: Avoiding Postfix Fingerprinting Joachim Schipper (Mar 08)
- Re: Avoiding Postfix Fingerprinting Javier Fernandez-Sanguino (Mar 09)
- Re: Avoiding Postfix Fingerprinting Olivier Fauchon (Mar 09)
- Re: Avoiding Postfix Fingerprinting Michel Arboi (Mar 10)
- Re: Avoiding Postfix Fingerprinting Michel Arboi (Mar 10)
- Avoiding Postfix Fingerprinting Isidro Labrador (Mar 08)
- Re: Null Session H D Moore (Mar 07)