On Mon, 2006-08-21 at 11:42 -0700, [EMAIL PROTECTED] wrote: > plain text document attachment (RE:) > > > The long version: We run security check software, which makes > > > connections > > > with various services, calls up the header, and then tells us that based > > > upon the version it read in the header, this service has certain > > > vulnerabilities. > > I just have to say one more thing: > > You run security check software, and you are asking us for help in > reducing > the effectiveness of that software? Are you really more concerned with > keeping your vulnerabilities secret than in fixing them? We don't now how this software is use. Security scanners (like Nessus) has distributed architecture and agents may be installed on checked systems. In this situation banners are not important because security scanner agent has access to operating system and may exactly check installed patches/versions/... without looking at banners. And next thing: if someone wants to hide his software - he has right for that, of course this is not defence against hackers, but there is nothing bad in that. We know to little of this system/person to judge or even to offend other persons. Live and let to live others.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
