> > Does anybody has enough information to write a NASL script (other than > just verifying the version number)? > hmmm lets keep a watch on our logs, for now. if you want to hide the fact that you are running php, in <localpath/etc/php.ini> do this: ; ; Misc ; ; Decides whether PHP may expose the fact that it is installed on the server ; (e.g. by adding its signature to the Web server header). It is no security ; threat in any way, but it makes it possible to determine whether you use PHP ; on your server or not. expose_php = Off also review the other settings that may affect your security. see these also: http://lists.bikkel.org/archive/whitehat/Week-of-Mon-20020128/001846.html -- Michael Scheidell SECNAP Network Security, LLC (561) 368-9561 scheidellat_private http://www.secnap.net/
This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 04:27:03 PST