On 16.12.2017 17:29, Bo Berglund wrote:
> If there is a commit to a tag operation, how can I find out which is
> the tag and which files carry that tag?
We'll have to dispel some misconceptions. Subversion's data model is
significantly different from CVS's. Tags (and branches) are not
properties o
On 16.12.2017 21:25, Daniel Shahaf wrote:
> Eric Johnson wrote on Sat, Dec 16, 2017 at 07:05:52 -0800:
>> Hiding that information slows the drive-by attackers down,
> Hiding that information is a pretty clear signal that "I think I'm an
> interesting target", though. Everyone who's serious about s
Eric Johnson wrote on Sat, Dec 16, 2017 at 07:05:52 -0800:
> Hiding that information slows the drive-by attackers down,
Hiding that information is a pretty clear signal that "I think I'm an
interesting target", though. Everyone who's serious about security knows
that the right answer is to config
If there is a commit to a tag operation, how can I find out which is
the tag and which files carry that tag?
I am trying to use svnlook for this on a repository converted from CVS
when investigating how to create a commit hook that will give me the
information about the files as well as the tag na
Hiding the version information is but a piece of the puzzle. It won’t save
a server from a persistent attacker. However, hiding the server software,
and the software version, makes it harder for “drive-by” attackers to
discover that your server is vulnerable. They don’t generally want to spend
the
On 12/16/2017 5:38, Branko Čibej wrote:
On 15.12.2017 16:15, Dhanushka Parakrama wrote:
Hi All
Is there any configuration where i can hide the subversion version
details .Please see copied image Inline images 1
You could start by telling us *where* you see that image. In a browser,
I presume
OT, but you can see one here:
http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-44ver2.pdf
(specifically, section 5.1: Reconfigure HTTP service banner (and others as
required) not to report Web server and OS type and version )
There are, of course, mandates to use up to date s
This sounds like the ServerSignature directive
https://httpd.apache.org/docs/2.4/mod/core.html#serversignature
Have you turned it off?
On Fri, Dec 15, 2017 at 7:15 AM, Dhanushka Parakrama <
parakrama1...@gmail.com> wrote:
> Hi All
>
> Is there any configuration where i can hide the subversion
On 15.12.2017 16:15, Dhanushka Parakrama wrote:
> Hi All
>
> Is there any configuration where i can hide the subversion version
> details .Please see copied image Inline images 1
You could start by telling us *where* you see that image. In a browser,
I presume? Generated by which server? It's cer
On 15.12.2017 20:10, Matt Simmons wrote:
> Many documents relating to information security compliance require
> blocking visible software version information.
Interesting documents. I'd have expected them to require all software to
be patched to fix all known security bugs. I thought the "security
10 matches
Mail list logo
