On Mon, 16 Jun 2003 at 14:26:33 +0200, Stefan Neufeind wrote: > On 16 Jun 2003 at 7:00, Halil Demirezen wrote: > > > To be brief, I don't usually come accross that there is an exploit for > > only effective to debian boxes. Plus, There are lots of ways to learn > > what distribution you are running on your machine. telnet xxxx.com 80 > > and do some returns and you get the info you are running apache with > > php xxx support on debian box. > > > > This is not only ssh case. > > Well, but for e.g. php I don't see why this is necessary. Anybody > wrote a doc on how to suppress unnecessary version-messages? I'd be > really interested in such things ... >
In apache's config: ServerTokens ProductOnly ServerSignature Off -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
