[Psi-devel] version of server in service discovery
Hal Rottenberg
halr9000 at gmail.com
Wed Feb 14 14:12:27 PST 2007
Thank you Kevin, I was about to say that. Security through obscurity
is pretty meaningless. Script kiddies will just hit a server with
everything and something is bound to stick regardless of what software
is there and what ports are open.
On 2/14/07, Kevin Smith <kevin at kismith.co.uk> wrote:
> On 14 Feb 2007, at 09:14, Nicolas Vérité wrote:
> > it is well known that
> > knowing the release/version of the software/OS is a security breach,
>
> That's not quite right, the security vulnerabilities exists in the
> underlying systems - announcing what system you use at most only
> makes life faster for an intruder, and then only if you're running a
> system with known vulnerabilities.
>
> /K
>
> --
> Kevin Smith
> Psi XMPP Client Project Leader (http://psi-im.org)
>
>
>
> _______________________________________________
> psi-devel mailing list
> psi-devel at lists.affinix.com
> http://lists.affinix.com/listinfo.cgi/psi-devel-affinix.com
>
--
Psi webmaster (http://psi-im.org)
im:hal at jabber.rocks.cc
http://halr9000.com
More information about the psi-devel
mailing list