Hiding Banner

Petr Herman herman at zoner.com
Wed Sep 14 09:19:19 EDT 2005


Hi,

if you want, use my patch ;-)


diff -urN cyrus-imapd-2.2.12/imap/imapd.c cyrus-imapd-2.2.12-new/imap/imapd.c
--- cyrus-imapd-2.2.12/imap/imapd.c     2005-02-14 07:39:55.000000000 +0100
+++ cyrus-imapd-2.2.12-new/imap/imapd.c 2005-06-17 13:51:13.578552525 +0200
@@ -820,8 +820,7 @@
      const char *err;

      prot_printf(imapd_out,
-               "* OK %s Cyrus IMAP4 %s server ready\r\n", config_servername,
-               CYRUS_VERSION);
+               "* OK %s\r\n", config_servername);

      ret = snprintf(motdfilename, sizeof(motdfilename), "%s/msg/motd",
                    config_dir);
diff -urN cyrus-imapd-2.2.12/imap/pop3d.c cyrus-imapd-2.2.12-new/imap/pop3d.c
--- cyrus-imapd-2.2.12/imap/pop3d.c     2005-01-04 16:06:13.000000000 +0100
+++ cyrus-imapd-2.2.12-new/imap/pop3d.c 2005-06-17 13:51:49.440128511 +0200
@@ -423,9 +423,8 @@
         syslog(LOG_WARNING, "APOP disabled: can't create challenge");
      }

-    prot_printf(popd_out, "+OK %s Cyrus POP3%s %s server ready %s\r\n",
-               config_servername, config_mupdate_server ? " Murder" : "",
-               CYRUS_VERSION, popd_apop_chal);
+    prot_printf(popd_out, "+OK %s %s\r\n",
+               config_servername, popd_apop_chal);
      cmdloop();

      /* QUIT executed */



Timo Schoeler wrote:
>>>         I am new to cyrus. I have manage to installed cyrus-imapd
>>>2.2.12-9 on FC1. For security reasons, i need to change the Banner of
>>>cyrus-imapd server. When i do telnet localhost 110 , i gets * OK
>>>netserv Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-9 server ready, how can
>>>i change it as per my requirement??? I am having source rpm with me.
>>>Can any body help me out ???
>>
>>
>>>Amod Sutavane.
>>
>>
>>http://www.google.com/search?hl=en&q=security+by+obscurity&btnG=Google+Search
>>
>>Better keep your system secure 
> 
> 
> yes.
> 
> 
>>then trying to camouflage.
> 
> 
> nope. a combination of both :)
> 
> imagine running production systems, a bug in the current stable is
> discovered but (as you run production systems) you're not able to
> upgrade them within a few minutes and in the mid of a week.
> 
> hiding the daemon from a possible intruder is /very/ nice in this case.
> 
> not everybody is willing to run beta software/bleeding edge early
> adopter's stuff on a PeeCee w/o redundant PSUs/HDs/etc. w/o ECC
> connected to an ADSL line. however, there's a lot of people willing to
> do so. but that's not a sign for the best solution (TM).
> 
> 
>>Btw. you are running an EOL (end of lifetime) Linux distribution
>>release. Think about that.
>>
>>Alexander
> 
> 
> cheers,
> 
> timo
> ----
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html




More information about the Info-cyrus mailing list