Removing Signatures From Various Packages

Version 1.0.0
Author: Michel Käser <info [at] rackster [dot] ch>

This tutorial shows you how to remove the Debian signature/version info from packages such as Apache, Postfix or SSH.

There are various reasons to remove the signature (and thereby hide that you are using Debian or a specific version). The most important one is security. When a hacker knows the distro you are using, he can search for well-known security issues and start an attack against them. If he doesn't know the distro in use, he is much less likely to find a security hole.

I do not guarantee that this will work for you!

 

1 Apache2 HTTPd

To remove the distro and version info from Apache2 run the following:

nano /etc/apache2/apache2.conf

and append

ServerTokens Prod
ServerSignature off

at the very end of the file.

 

2 Nginx

To remove the version info from Nginx run the following:

nano /etc/nginx/nginx.conf

and append

server_tokens off;

at the very end of the file.

To remove the server/software name from Nginx you need to compile Nginx from source. You can find a tutorial about that here: http://www.howtoforge.com/building-nginx-from-source-on-debian-squeeze.

Make sure to include the HeadersMore module (http://wiki.nginx.org/HttpHeadersMoreModule) and add it during package configuration, e.g.:

--add-module=/usr/local/src/headers-more-nginx-module-0.21

Later on, you can clear the server header by appending

more_clear_headers 'Server';

to /etc/nginx/nginx.conf.

 

3 PHP

To hide that you are using PHP, run the following:

nano /etc/php5/apache2/php.ini
nano /etc/php5/cgi/php.ini
nano /etc/php5/cli/php.ini
nano /etc/php5/fpm/php.ini

and set

; Decides whether PHP may expose the fact that it is installed on the server
; http://php.net/expose-php
expose_php = Off

in every file.

 

4 Postfix

To remove the distro information from Postfix, run the following:

nano /etc/postfix/main.cf

and replace

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

with

smtpd_banner = $myhostname ESMTP $mail_name

 

5 SSH

To remove the distro information from the SSH daemon, run the following:

nano /etc/ssh/sshd_config

and append

DebianBanner no

at the very end of the file.
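
To check the result of the steps above, the following added example (not part of the original tutorial) scans captured banner lines for remaining distro or version markers. The sample banners, the hostname mail.example.com and the function name audit_banners are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial): flag banner lines that still
# disclose the distro or a software version after the changes above.
# All sample banners below are constructed for illustration.

SAMPLE_BEFORE='HTTP/1.1 200 OK
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze14
220 mail.example.com ESMTP Postfix (Debian/GNU)
SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze1'

SAMPLE_AFTER='HTTP/1.1 200 OK
Server: Apache
220 mail.example.com ESMTP Postfix
SSH-2.0-OpenSSH_5.5p1'

# audit_banners: read captured lines on stdin, print one finding per
# banner line that leaks. Marker patterns are assumptions; extend as needed.
audit_banners() {
    tr -d '\r' | while IFS= read -r line; do
        case $line in
            # Only these lines are banners: HTTP Server / X-Powered-By
            # headers, the SMTP 220 greeting, the SSH identification string.
            [Ss]erver:*|[Xx]-[Pp]owered-[Bb]y:*|220\ *|220-*|SSH-*) ;;
            *) continue ;;
        esac
        if printf '%s\n' "$line" | grep -Eiq 'debian|squeeze'; then
            printf 'distro: %s\n' "$line"
        # product/version tokens such as Apache/2.2.16 or OpenSSH_5.5p1
        elif printf '%s\n' "$line" | grep -Eq '[A-Za-z]+[/_][0-9]+\.[0-9]+'; then
            printf 'version: %s\n' "$line"
        fi
    done
}

echo "--- before ---"; printf '%s\n' "$SAMPLE_BEFORE" | audit_banners
echo "--- after ---";  printf '%s\n' "$SAMPLE_AFTER"  | audit_banners
# Live check on your own host: curl -sI http://localhost/ | audit_banners
```

In the "after" sample only the SSH line is still reported: DebianBanner no drops the Debian suffix, but the OpenSSH version stays in the identification string.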
