Re: CRIME Netcraft Ethics

From: Alan (alan@private)
Date: Sun Jun 23 2002 - 10:31:12 PDT

Next message: SCRIMSHER,JOHN (HP-Corvallis,ex1): "RE: CRIME EarthLink Password Security Story"

Previous message: Zot O'Connor: "Re: CRIME Netcraft Ethics"
In reply to: Crispin Cowan: "Re: CRIME Netcraft Ethics"
Next in thread: brvarin@private: "Re: CRIME Netcraft Ethics"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2002-06-21 at 15:45, Crispin Cowan wrote:
> Jimmy S. wrote:
> 
> >I would like to pose a question?  Does anyone else have a problem with
> >Netcraft sweeping the web looking vulnerable servers to latest IIS buffer
> >overflow?
> >
> Considering that bad guys can (and do) do exactly the same thing, but 
> with malicious intent, I have no problem at all with Netcraft collecting 
> this data. As brvarian said, if you don't want this data collected, 
> don't advertise it. If you are even half-way concerned about security, 
> then you should not be advertising (accurate) application banners anyway.

Sounds like a useful module for Apache.  "mod_random_version" Have
Apache return with a randomly generated bogus version each time it is
contacted.

But if that happened, Apache's percentage in the Netcraft stats would go
down and the terrorists would win.

Next message: SCRIMSHER,JOHN (HP-Corvallis,ex1): "RE: CRIME EarthLink Password Security Story"
Previous message: Zot O'Connor: "Re: CRIME Netcraft Ethics"
In reply to: Crispin Cowan: "Re: CRIME Netcraft Ethics"
Next in thread: brvarin@private: "Re: CRIME Netcraft Ethics"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jun 23 2002 - 12:34:43 PDT