On Thu, 2005-01-06 at 02:11 +1100, Andrew Milton wrote:
+-------[ Tino Wildenhain ]---------------------- | On Wed, 2005-01-05 at 09:55 -0500, Shane Graber wrote: | > Yes, but that's no reason why not to lock down other items as well. | | Paint a door just in a different color does not really mean you locked | it.
Noone is saying, don't lock it. Noone is saying that removing version numbers is a solution by itself. But it certainly ADDS something.
If it didn't there wouldn't be such an effort to prevent OS types and versions from being decoded by passive scanning.
Hm. most of the time - and in this case - its just overkill. The only real gain I see is you save some bytes to transfer over the web. Attackers choose the simplest way to get in - and a running zope just is not. So better spent the time in making all that other services even close to the secureness of zope. Next you can think about hiding the version number. Just my thinking :-) Regards Tino