From owner-freebsd-doc@FreeBSD.ORG  Thu Feb  3 14:40:24 2005
Return-Path: <owner-freebsd-doc@FreeBSD.ORG>
Delivered-To: freebsd-doc@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3416216A4D2
	for <freebsd-doc@hub.freebsd.org>;
	Thu,  3 Feb 2005 14:40:24 +0000 (GMT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 86DCC43D3F
	for <freebsd-doc@hub.freebsd.org>;
	Thu,  3 Feb 2005 14:40:19 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id j13EeJrx080601
	for <freebsd-doc@freefall.freebsd.org>; Thu, 3 Feb 2005 14:40:19 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.1/8.13.1/Submit) id j13EeJaP080600;
	Thu, 3 Feb 2005 14:40:19 GMT
	(envelope-from gnats)
Date: Thu, 3 Feb 2005 14:40:19 GMT
Message-Id: <200502031440.j13EeJaP080600@freefall.freebsd.org>
To: freebsd-doc@FreeBSD.org
From: Brad Davis <so14k@so14k.com>
Subject: Re: docs/77058: Add note to the effect that security by obscurity
	is not security.
X-BeenThere: freebsd-doc@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Brad Davis <so14k@so14k.com>
List-Id: Documentation project <freebsd-doc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-doc>
List-Post: <mailto:freebsd-doc@freebsd.org>
List-Help: <mailto:freebsd-doc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Feb 2005 14:40:24 -0000

The following reply was made to PR docs/77058; it has been noted by GNATS.

From: Brad Davis <so14k@so14k.com>
To: Ceri Davies <ceri@submonkey.net>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: docs/77058: Add note to the effect that security by obscurity is not security.
Date: Thu, 3 Feb 2005 07:36:53 -0700

 Oh my. Thanks for catching my mistakes.
 
 
 Regards,
 Brad
 
 --- doc-ori/en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml 
 Thu Feb  3 04:20:21 2005
 +++ doc/en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml     
 Thu Feb  3 04:28:32 2005
 @@ -4177,9 +4177,16 @@
          <para>Permitting version lookups on the <acronym>DNS</acronym>
            server could be opening the doors for an attacker.  A
            malicious user may use this information to hunt up known
 -         exploits or bugs to utilize against the host.  A false version
 -         string can be placed the <literal>options</literal> section of
 -         <filename>named.conf</filename>:</para>
 +         exploits or bugs to utilize against the host.</para>
 +
 +   <warning>
 +     <para>This will not protect you from exploits. Only upgrading to a
 +       version that is not vulnerable will protect your server.</para>
 +   </warning>
 +
 +   <para>A false version string can be placed the
 +     <literal>options</literal> section of
 +     <filename>named.conf</filename>:</para>
 
          <programlisting>options {
           directory       "/etc/namedb";