[Zope] Hiding header?

Tino Wildenhain tino at wildenhain.de
Wed Jan 5 10:20:31 EST 2005


On Thu, 2005-01-06 at 02:11 +1100, Andrew Milton wrote:
> +-------[ Tino Wildenhain ]----------------------
> | On Wed, 2005-01-05 at 09:55 -0500, Shane Graber wrote:
> | > Yes, but that's no reason why not to lock down other items as well.
> | 
> | Painting a door just in a different color does not really mean you locked
> | it.
> 
> No one is saying, don't lock it. No one is saying that removing version numbers
> is a solution by itself. But it certainly ADDS something.
> 
> If it didn't there wouldn't be such an effort to prevent OS types and versions
> from being decoded by passive scanning.

Hm. Most of the time - and in this case - it's just overkill.
The only real gain I see is you save some bytes to transfer
over the web.

Attackers choose the simplest way to get in - and a running Zope
just is not. So better spend the time in making all those other
services even close to the secureness of Zope. Next you can think
about hiding the version number.

Just my thinking :-)

Regards
Tino



