[CentOS-devel] Customize Web Server Errors

John Summerfield debian at herakles.homelinux.org
Tue Apr 1 23:54:38 UTC 2008

mouss wrote:
> Alain Reguera Delgado wrote:

> the first thing I do when I setup a web server is disable any place that 
> advertizes what OS and what version it is running. call it security by 

I meant to byte on this too.

 From examining my logs, I've come to think that the notion that this 
helps security is, along with detecting portscans, one of those security 

People who attack my webserver don't appear to test to see what 
webserver I'm using, they just run their toolkit over it. Many times, 
they try to crack my IIS even though it's actually Apache, exactly as it 

Just as they try these, even though there's not Windows box in sight:
    From - 3 packets
       To - 3 packets
          Service: 1026 (udp/1026) (Shorewall:net2fw:DROP:,ppp0,none) - 
1 packet
          Service: 1027 (udp/1027) (Shorewall:net2fw:DROP:,ppp0,none) - 
1 packet
          Service: 1028 (udp/1028) (Shorewall:net2fw:DROP:,ppp0,none) - 
1 packet

If a program such as nmap can detect what your OS is, then if a cracker 
wants to attack Apache sites, it's fair bet that if you're running *X 
then you're also running Apache.



-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice

You cannot reply off-list:-)

More information about the CentOS-devel mailing list