Security and Cryptography
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsSystem AdministrationSecurity and Cryptography
Reload this Page

OS security

Discuss OS security in the Security and Cryptography forum on Dev Shed.
OS security Security and Cryptography forum discussing issues related to coding, server applications, network protection, data protection, firewalls, ciphers and the like.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old April 27th, 2003, 04:14 AM
Alianto Alianto is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Oct 2002
Posts: 61 Alianto User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 9 m 2 sec
Reputation Power: 7
OS security
Hi,

I have a few things that I need to know, thus, I hope anyone smart out there could answer some of these questions.

I am wondering if it's possible for a client web-browser to query the server, so that it knows what OS the server is running and what applications it uses to host its website (e.g. php, java, apache, etc)?

If it's possible, isn't it a big security issue?


Ali
Reply With Quote
  #2  
Old April 27th, 2003, 04:28 AM
a.koepke's Avatar
a.koepke a.koepke is offline
Second highest poster :p
Dev Shed God 5th Plane (7000 - 7499 posts)
  
Join Date: Jul 2001
Posts: 7,323 a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level)a.koepke User rank is Sergeant (500 - 2000 Reputation Level) 
Time spent in forums: 8 h 13 m 55 sec
Reputation Power: 27
Well it is possible, and you can disable it if you wish, security by obscurity. Apache has an option in the config so all it reports is Apache and doesnt reveal any modules or versions. I really don't see how its that much of an issue if everything is kept upto date with security patches and the like. Netcraft have a section on their site where you can find out what OS a server is running - http://uptime.netcraft.com
__________________
- Andreas Koepke

Koepke Photography

Reply With Quote
  #3  
Old April 28th, 2003, 11:19 AM
Narek Narek is offline
Member
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Feb 2003
Location: Yerevan, Armenia
Posts: 224 Narek User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 21 h 1 m 30 sec
Reputation Power: 6
Send a message via ICQ to Narek
Generally most network daemons identify themselves by default. Also telnet sometimes (as far as i know) gives out the os. Generally it's not a security issue, more over many servers post such info on their web sites.
Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationSecurity and Cryptography > OS security

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 6 hosted by Hostway
Stay green...Green IT