That's why I always try to modify these lines in src/include/httpd.h under the Apache source tree when I compile:
#define SERVER_BASEPRODUCT "Apache"
#define SERVER_BASEREVISION "1.3.27"
Oh, yeah!! And be sure to set ServerTokens to "Min" in your Apache config. file.
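An added example, not part of the comment above: a small Python audit that reads the effective ServerTokens setting from a config and classifies a Server header by how much it discloses. The sample config, headers and the `mod_example/1.0` token are constructed, and it assumes the last ServerTokens directive in the file takes effect.

```python
import re

# ServerTokens values, from least to most detail in the Server header.
LEVELS = ["Prod", "Min", "OS", "Full"]
_ALIASES = {"prod": "Prod", "productonly": "Prod", "min": "Min",
            "minimal": "Min", "os": "OS", "full": "Full"}

def configured_level(conf_text):
    """Effective ServerTokens level in a config file; Apache defaults to Full."""
    level = "Full"
    for line in conf_text.splitlines():
        m = re.match(r'\s*ServerTokens\s+"?(\w+)"?\s*$', line, re.I)
        if m and m.group(1).lower() in _ALIASES:
            level = _ALIASES[m.group(1).lower()]  # assumption: last one wins
    return level

def banner_level(server_header):
    """Split a Server header into product, version, OS and module tokens."""
    m = re.match(r'^\s*([^\s/()]+)(?:/(\S+))?(?:\s+\(([^)]*)\))?(.*)$',
                 server_header)
    if not m:
        return None
    product, version, os_name, rest = m.groups()
    if rest.strip():
        level = "Full"      # module tokens follow the product
    elif os_name:
        level = "OS"        # "(Unix)"-style comment present
    elif version:
        level = "Min"       # product/version only
    else:
        level = "Prod"      # bare product name
    return {"level": level, "product": product, "version": version,
            "os": os_name, "modules": rest.split()}

def audit(conf_text, observed_header):
    """Findings: config vs. observed banner, and whether a version leaks."""
    want, got = configured_level(conf_text), banner_level(observed_header)
    findings = []
    if got and LEVELS.index(got["level"]) > LEVELS.index(want):
        findings.append("banner is more detailed than the configured level")
    if got and got["version"]:
        findings.append("version disclosed: " + got["version"])
    return findings

if __name__ == "__main__":
    conf = '# constructed sample\nServerTokens "Min"\n'
    for hdr in ["Apache/1.3.27", "Apache/1.3.27 (Unix) mod_example/1.0"]:
        print(hdr, "->", audit(conf, hdr))
```

With ServerTokens set to Min the header still carries the version string, which is the part that editing the two `#define` lines changes.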
I see you have a very good point about upgrading "base" software (software that other programs rely on). We have over here some serious issues with production servers that nobody knows exactly how they're working. Let alone trying to update OpenSSL. It could take weeks to get it working.
On the other hand, I really don't see how it is more secure to update using Microsoft's scheme. As far as I understand, if someone breaks into Bill's servers, they would propagate bogus packages, in fact binary bogus packages, making the detection one hundred times more difficult.
IMHO...
I've always followed the bugtraq list closely, and I strongly believe it's cutting edge anything goes security... wonder how the Symantec staff would moderate it
1st post!!!! Yeahhh!!