[22505] in bugtraq
Re: Fw: easy remote detection of a running tripwire for webpages
daemon@ATHENA.MIT.EDU (Matthew Wakeling)
Mon Sep 3 19:08:41 2001
Date: Mon, 3 Sep 2001 09:15:24 +0100 (BST)
From: Matthew Wakeling <mnw21@bigfoot.com>
To: bugtraq@securityfocus.com
In-Reply-To: <014a01c1325d$c82e9d50$d342a8c0@cariatide>
Message-ID: <Pine.LNX.4.21.0109030912140.13092-100000@server2.jumpleads.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 31 Aug 2001, Juan Vera wrote:
>
> # echo "ServerTokens Min" >> /whatever/httpd.conf
> # cp `which httpd` .
> # ed httpd
> 507904
> ,s/Apache\/1.2.34/YOUWONTKNOW!!/g
> w
> 507904
> q
> # ./httpd
Except that this gives away the number of characters in the original
version string.
Not too strong a hint, but there you go.
Matthew
--
Riker: Our memory pathways have become accustomed to your sensory input.
Data: I understand - I'm fond of you too, Commander. And you too Counsellor
