Date: Tue, 14 Sep 1999 03:29:51 -0500 From: "Jeffrey J. Mountin" <jeff-ml@mountin.net> To: dmaddox@conterra.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: How to prevent motd including os info Message-ID: <3.0.3.32.19990914032951.00843540@207.227.119.2> In-Reply-To: <19990913210513.A3167@dmaddox.conterra.com> References: <3.0.3.32.19990913191825.00ad66f0@207.227.119.2> <4.1.19990913003757.0096b660@mail.thegrid.net> <4.1.19990913003757.0096b660@mail.thegrid.net> <19990913173532.A842@dmaddox.conterra.com> <3.0.3.32.19990913191825.00ad66f0@207.227.119.2>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:05 PM 9/13/99 -0400, Donald J . Maddox wrote: >Sigh. This point is not worth all this discussion, but _again_... Which point? Or are you referring to the STO policy. >There may not be ANYTHING *BSD in the jail environment, let alone >'strings'. Again, assumptions. Import or export for analysis. >The point of my original question was just to find out how NOT to >make the OS flavor readily apparent. That there are good reasons >for doing so is not a point I am going to debate. We've all seen >the 'security through obscurity' debates rehashed on these lists >MANY times. Let's not do it again. I only mentioned STO once and agree on leaving *that* horse dead. Still doesn't mean partisanship to either side of the arguement. Many good ideas. Since you left a few holes in your "suggestion," it seemed worth taking a couple shots at immediate holes that come to mind. Based on assumptions, truely, but your suggestion doesn't have much substance either. Didn't care to defend your idea either or add sugestions based on what I percieve you to be doing. All too easy to "cripple" a shell account to uselessness and I've never seen any discussion on the list about such a method to "secure" a system. Could suggest that if a jail is unbreakable, then why... That would be STO, IMO, but is not my point. Fact is there are many good methods of securing a system. Doing so piecemeal may not be worth much at all. The original direction of this thead was such that it was worth pointing out STO wouldn't work with so many ways to figure out what OS/version you are on. Unless you show how to plug them all *then* continuing this discussion is pointless. As it turns out the originater only didn't want to see the MOTD, which show that it didn't really belong here in the first place and shifted the context of the question. Care to breath some life into your idea? I'll admit curiousity. May not agree with the basis of the idea, but should it be sound and have merit, then surely others on the list may be interested. Otherwise I'll keep my rifle ready, but don't take it personally (not that I think you are). 8-) cheers! Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve '86 Yamaha MaxiumX (not FBSD powered) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19990914032951.00843540>