> > > > Because if I know what kind of server it is, I can plan my attack > > strategy accordingly. It's called a passive attack. I investigate > > what I'm dealing with, "Ooh! IIS6!" and go from there, "I can use > xyz > > attack to break in!" > > Doing this is generally called "security through obscurity", and if > you talk to security people, they will tell you that "security > through > obscurity is not real security". > I never said this was a pancea :) Yes, I agree (and understand) that this alone doesn't do much, but Every Little Bit Helps(tm), no?