Security Incidents mailing list archives
Re: HTTP attack looking for /sumthin ?
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Sat, 19 Oct 2002 01:06:56 +0200 (CEST)
On Fri, 18 Oct 2002, Patrick Oonk wrote:
Add the lines ServerTokens prod ServerSignature no to your Apache config (httpd.conf) to prevent the server from disclosing this information.
ServerTokens ProductOnly # Optionally add a line containing the server version and virtual host # name to server-generated pages (error documents, FTP directory listings, # mod_status and mod_info output etc., but not CGI generated documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of: On | Off | EMail ServerSignature Off According to the build in instructions, online manual and FAQ. http://httpd.apache.org/docs/misc/FAQ-E.html#serverheader http://httpd.apache.org/docs/mod/core.html But do not expect to gain much security. Hugo. -- All email sent to me is bound to the rules described on my homepage. hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of sysadmins, for they are subtle and quick to anger. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- HTTP attack looking for /sumthin ? jmaywood1975 (Oct 17)
- Re: HTTP attack looking for /sumthin ? cory (Oct 17)
- Re: HTTP attack looking for /sumthin ? Scott C. Kennedy (Oct 17)
- Re: HTTP attack looking for /sumthin ? H C (Oct 17)
- <Possible follow-ups>
- Re: HTTP attack looking for /sumthin ? zeno (Oct 17)
- RE: HTTP attack looking for /sumthin ? Esler, Joel (Oct 17)
- Re: HTTP attack looking for /sumthin ? Johnny Calhoun (Oct 17)
- Re: HTTP attack looking for /sumthin ? Patrick Oonk (Oct 18)
- Re: HTTP attack looking for /sumthin ? Hugo van der Kooij (Oct 18)
- Re: HTTP attack looking for /sumthin ? Patrick Oonk (Oct 18)
- Re: HTTP attack looking for /sumthin ? Fred Williams (Oct 17)
- RE: HTTP attack looking for /sumthin ? Beckett, Josh (Oct 17)
- Re: HTTP attack looking for /sumthin ? cory (Oct 17)