15 Mar
2003
15 Mar
'03
11:13 p.m.
Hi, On Sat, Mar 15, 2003 at 02:37:18PM -0800, Jamie Heilman wrote:
Dylan Reinhardt wrote:
Both of which will return graphics positively identifying your server as Zope unless you've taken measures to the contrary. Oops.
Hmm. There are million ways to fingerprint zope, I suppose those are as good as any.
http://www.yourserver.com/HelpSys cleary identifies Zope but also list "some of" the installed products (those which have documentation). /HelpSys shouldn't be available to anonymous users. Knowing which products are installed, attack is easier. bye, Jerome Alet