The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

changing OS in WHM

Discussion in 'General Discussion' started by servers24, Feb 10, 2005.

  1. servers24

    servers24 Member

    Joined:
    Feb 10, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Hi there,

    I just wanted to see if it's possible to change what WHM shows about OS or not.
    for e.g you can see something like this at the top-right side of the WHM page :

    WHM 10.0.0 cPanel 10.0.0-R7
    Fedora i686 - WHM X v3.1.0

    Now I want to change this Fedora i686 to resemle for e.g RedHat 9, so that those people on the server that want to attack the server will think that they're using RH9 and will use those hacks for RH9 only !!
     
  2. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    WHM is supposed to be for you only, no one else should see what you see there. Your customers can see the server os in their cpanel's of course, but they already have enough access to do some bad things to the server if they want.

    Anything that runs on Redhat 9 will most likely also run on Fedora... you'd be better off doing something like Windows NT 4. (However, as far as I know, changing the distro information doesn't do anything but possibly screw up Cpanel and other applications that rely on what the OS is (so they know how to behave). It isn't public information and not easily obtainable unless you have access to the server in the first place. If access to the server isn't available, then a surpringinly accurate fingerprint may be able to be obtained and analyzed remotely... which you can't do anything about.

    This is basically just security through obscurity, and not very good obscurity at that. Much better to keep up with the security notices and updates and make sure that no hacks will work in the first place.

    You can do some things like restricting apache from giving out its version number, and hiding Bind's version #, etc... They can help.
     
  3. servers24

    servers24 Member

    Joined:
    Feb 10, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Thankx for the info :)
    So what to do now to change it ?
     
    #3 servers24, Feb 10, 2005
    Last edited: Feb 10, 2005
  4. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    obviously you didn't even read my post...

    but if you want to risk breaking your server for some very dubious 'security' benefits, then I'll tell you how you might do what you want, but I take no responsibility for how you use this information or what happens if you implement this information to do what you want.

    My Redhat Enterprise 3 OS information is in /etc/redhat-release... yours should be in a similar text file... I'm fairly sure it's in /etc/fedora-release or something like that. It contains a line with the details of what OS you're running. I'm fairly sure that WHM uses the info from this file to display the OS information in CPanel.
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    However, /scripts/sysup and /scripts/rpmup also use that file - bad idea.

    Security through obscurity is not a good idea in this case. You're better off securing your server properly with a the usual list of applications and tweaks.
     
  6. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    I was thinking that up2date might rely on the file as well... (maybe yum as well)
     
  7. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    precvious posters - please dont take offence but you have said to secure your server maybe a link to a good thread that explaines how to do this would be a good idea

    the thread i found usefull was
    http://forums.cpanel.net/showthread.php?t=30159
    also i found this page handy http://eth0.us/?q=node/1

    i know a search would also find this but thought i would add it
     
  8. servers24

    servers24 Member

    Joined:
    Feb 10, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Thank you all !

    Thank you all guys. I tried changine the fedora-release and it worked !!!
    But I reversed the change as you said it may cause problems in updating the system.
    Thank you for the security hint, it was great.
     
  9. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    Heh, since you seemed so determined to do it... I figured that we could all learn exactly what it would break when you posted again. I'm sorely disappointed. :D
     
Loading...

Share This Page