Security by obscurity

This simple guide will help you secure your server in indirect way by hiding software versions from possible attackers. This can help you prevent many automated attacks and attacks based on software version number. If a hacker want’s to probe your system for hole he’ll start from collecting all version numbers from your running services. This guide will teach you setup common services not to give away their version numbers. This is called Security by obscurity and it’s not something to rely on but it can lower chances of getting your system hacked.

Apache (Web Server)
Let’s start with Apache first. It’s config file should at path

/etc/httpd/conf/httpd.conf

Open that with an editor of choice. I allways suggest Midnihgt Commander but you can use ant other editor like pico or vi. In Midnignt Commander open file for editing by pressing F4 while the file is selected.

Locate those two lines and set it as follows. If you cant find them – add them.

ServerSignature Off
ServerTokens Prod

Server Signature will remove the identification of Apache version from error pages, and ServerTokens will identify Apache as “apache” without version number or OS information. Save the file and restart the Apache.

service httpd restart

Named (DNS Server)
Next we will disable named from giving away his version. Open named config file at path

/etc/named.conf

Search for line

query-source address * port 53;

Add a line right below it with add (if it doesn’t exist)

version "Named";

Save and restart named using

service named restart

Exim (Email Server)
Next we will disable the version numbers in Exim. If you are not running Exim there is no need to do this section. Exim config is at path

/etc/exim.conf

and if it could not be located, it probably means that you do not use Exim. Search for

smtp_banner = "${primary_hostname

This is the welcome message for the email server. You can put anything in here. Here’s a sample message

smtp_banner = "${primary_hostname} MailServer \n\We do not authorize the use of this system to transport unsolicited, \n\and/or bulk e-mail."

Save the config and restart Exim.

service exim restart

Remeber this is just security though obscurity and you still need to keep the server updated! This is just going to stop some people from finding your server in the first place by automated scanning. It will not help at all if somebody is trying to actually hack the server.

NOTE:
– This guide will just hide software version numbers from possible hacker. The less they know the weaker they are so Shhhhh!!!!
– Use this information at your risk. I’m not responsible for any damage that may occur by (mis)use of this data.

Source: eth0.us

This post helped you out? Why not buy me a coffee?

Amount
Your message for me
How to install Midnight Commander?
How to setup and use iptables

Leave a Reply

Your email address will not be published / Required fields are marked *