Developers Documentation

×

Warning

0 error for file:https://clearos.com/dokuwiki2/lib/exe/css.php?t=dokuwiki&tseed=82873f9c9a1f5784b951644363f20ef8

User Tools

Site Tools


Remote OS Available

Security Metrics may claim that the ability for an attacker to determine what OS is running on your server may embolden or give them specific knowledge about how to best attack your server.

ClearCenter disagrees. Knowledge of a server's OS can give an attacker and advantage if the underlying OS is prone to exploits or specific attacks. On the other side of this issues however is the fact that in some cases it can also be a deterrent.

Additionally, any competent hacker will be able to derive specifics about an OS through other means and testing against the same web server through other means.

ClearCenter response

Short response

This issue does not present a tangible risk to the running system.

Long response

Obfuscation of the underlying Operating System is not a requirement of any known compliance directive. This issue does not present a significant risk and speculates that knowing the OS will embolden and not drive away a potential threat. It is our assumption as well that knowledge that the underlying operating system such as ClearOS which is running as a well tested and frequently updated system which may also contain subsystems designed with Cloud notification of compromises and service outages will discourage hackers and hacking attempts.

Resolution

If you want to remove the OS and version reported by your Apache Web Server, perform the following:

First, establish a baseline by looking at your own headers:

curl --head localhost

Next, modify the /etc/httpd/conf/httpd.conf file and change the following two lines:

ServerSignature On
Server Tokens OS

to:

ServerSignature Off
Server Tokens Prod

(optional) … and while you are at it, close down php from revealing its version as well by modifying /etc/php.ini and changing:

expose_php = On

to this:

expose_php = Off

Restart the web service:

service httpd restart

Lastly, re-examine the reporting service:

curl --head localhost
content/en_us/kb_3rdparty_security_metrics_remote_os_available.txt · Last modified: 2015/01/29 09:46 (external edit)

https://clearos.com/dokuwiki2/lib/exe/indexer.php?id=content%3Aen_us%3Akb_3rdparty_security_metrics_remote_os_available&1569249600