Telnet to Web Server?
Jeffrey Watts
jeffrey.w.watts at gmail.com
Thu Jun 12 18:20:58 CDT 2008
Yeah, but it's a really minor one. There are tools out there that
will give you detailed information on systems by analyzing packets and
support for certain things. Yo recuerdo Queso!
Security by obscurity helps, but not much. Patching, firewalling, and
restricting services/access are orders of magnitude more important.
:)
Jeffrey.
On Thu, Jun 12, 2008 at 6:07 PM, Geoffrion, Ron P [IT]
<Ron.Geoffrion at sprint.com> wrote:
>>>Is it necessarily considered poor web server configuration to be able to telnet into a webserver and pull off the server info?
>
> It is considered a security vunerability. By revealing OS/webserver version, you advertise potential attack vectors.
\
--
"He that would make his own liberty secure must guard even his enemy
from oppression; for if he violates this duty he establishes a
precedent that will reach to himself." -- Thomas Paine
More information about the Kclug
mailing list