Portal Home > Knowledgebase > Articles Database > How can i hide Server Type Plz
How can i hide Server Type Plz
Posted by q8root, 06-16-2008, 04:12 PM |
Helo ..
How Can i Hide My Server Type
And writing Secureb By ....
And how Can i Hide uname -a: Linux server.xxxx.net 2.6.18-ovz028stab053.14-enterprise #1 SMP Mon Jun 2 18:25:30 MSD
2008 i686
From Php Shell Like c99
i do some way to hide it But I cant hide it from php shell
think you
|
Posted by Kmurray, 06-16-2008, 04:42 PM |
You probably better using mod security so the shell doesn't work in the first place!
|
Posted by case, 06-16-2008, 04:54 PM |
You don't need mod_security to make php more secure.
|
Posted by q8root, 06-16-2008, 05:08 PM |
where can i find best rules for that ?
also how can i protect my self from hacker perl
|
Posted by q8root, 06-16-2008, 05:11 PM |
i do all that things i wont to hide kernal info from php shell
like that :
uname -a: Linux server.xxxx.net 2.6.18-ovz028stab053.14-enterprise #1 SMP Mon Jun 2 18:25:30 MSD
2008 i686
i wont to change it from the real info to secured by .....
|
Posted by The Universes, 06-16-2008, 05:12 PM |
Check out their web site:
http://modsecurity.org/
They include the core rules with it, which are pretty good.
Are you referring to perl or a hacker named perl? If your talking about perl, why not disable it for domains by default and then enable it per domain when needed.
|
Posted by The Universes, 06-16-2008, 05:14 PM |
You can modify the php shell code and have it send out the false info when uname -a is executed assuming you have control over the php shell.
|
Posted by case, 06-16-2008, 05:36 PM |
just add 'proc_open', and 'proc_close' to the disabled functions
|
Posted by q8root, 06-16-2008, 05:36 PM |
why ??
i mean i protect my self from hacker if he upload php shell
i dont wont him to see my kernal info
|
Posted by The Universes, 06-16-2008, 06:15 PM |
Then block those php shells by disabling the functions it needs, as others have suggested. All it requires is a 1 line addition to your php.ini and restart of apache.
Theres no real easy way to send the false information unless you maybe compile the kernel yourself, which is impossible in your situation since your on a OpenVZ VPS.
|
Add to Favourites Print this Article
Also Read