[Zope] Banner Grabbing

Jamie Heilman jamie at audible.transient.net
Tue Sep 30 22:05:16 EDT 2003


Robert Segall wrote:
> Actually this is useful: if you have a proxy in front of Zope and it passes 
> the headers through unchanged any attacker will try to attack Zope rather 
> than the proxy. Of course, it won't work.
>
> This is a bit of "security through obscurity", but any little bit helps. In 
> the Pound logs we see every day quite a few nasty attempts against IIS servers 
> which fail because Pound rejects them...

Stop.  Read what you've said, it doesn't make any sense.  You're
claiming an attacker won't target your proxy server because it doesn't
identify itself to the client.  Then you turn right around and admit
you see several attempted IIS exploits in your logs every day.  Does
your Zope server identify itself as IIS, does your gateway server?
See where I'm going with this?

-- 
Jamie Heilman                     http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81.  People said, "No, Holly,
 she's not for you." She was cheap, she was stupid and she wouldn't
 load -- well, not for me, anyway."                     -Holly


