(no subject)

ken_i_m at elegantinnovations.net ken_i_m at elegantinnovations.net
Fri Mar 5 13:57:02 PST 2004


On Fri, Mar 05, 2004 at 09:32:54PM +0000, Christopher James Coleman (ug97cjc at cs.bham.ac.uk) wrote:
> On Fri, 5 Mar 2004, Michael Labuschke wrote:
> > Proftpd  it does not say its version number in the welcome msg anymore.
> 
> If you have to use plain ftp, use vsftpd. I have read through the code (
> though I should not be considered as any sort of authority ), and it
> ranges from worrying ( wu-ftpd ) through to really good ( vsftpd ).

Since you are an admited non-authority then this is really just a matter 
of personal preference.  As such I prefer proftpd.  However, since you 
have "read through the code" does vsftpd support ftp over tls?

> > OpenSSH changed version to "SSH_3.2.3"
> 
> This may `trick' people into thinking you are running a version. 

About the only time suppressing a daemon's banner really matters is 
during a "vulnerability window".  Since you are applying the patch 
within minutes it is a moot point. :-)

The other reason I have come to this opinion is that a friend's 
hobby is fingerprinting daemon's.  He is rather good at it.

Lastly, if the 'kiddies cared why do I get all the crap winblows 
probes against my easily identified Linux boxes? (rhetorical question)
-- 
I think, therefore, ken_i_m
Chief Gadgeteer, Elegant Innovations
Founder, Bozeman Linux Users Group
(406) 581-0495



More information about the hlfs-dev mailing list