docs/77058: Add note to the effect that security by obscurity is not security.

[Brad Davis]

The following reply was made to PR docs/77058; it has been noted by GNATS.

From: Brad Davis <so14k at so14k.com>
To: Ceri Davies <ceri at submonkey.net>
Cc: FreeBSD-gnats-submit at FreeBSD.org
Subject: Re: docs/77058: Add note to the effect that security by obscurity is not security.
Date: Thu, 3 Feb 2005 07:36:53 -0700

 Oh my. Thanks for catching my mistakes.
 
 
 Regards,
 Brad
 
 --- doc-ori/en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml 
 Thu Feb  3 04:20:21 2005
 +++ doc/en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml     
 Thu Feb  3 04:28:32 2005
 @@ -4177,9 +4177,16 @@
          <para>Permitting version lookups on the <acronym>DNS</acronym>
            server could be opening the doors for an attacker.  A
            malicious user may use this information to hunt up known
 -         exploits or bugs to utilize against the host.  A false version
 -         string can be placed the <literal>options</literal> section of
 -         <filename>named.conf</filename>:</para>
 +         exploits or bugs to utilize against the host.</para>
 +
 +   <warning>
 +     <para>This will not protect you from exploits. Only upgrading to a
 +       version that is not vulnerable will protect your server.</para>
 +   </warning>
 +
 +   <para>A false version string can be placed the
 +     <literal>options</literal> section of
 +     <filename>named.conf</filename>:</para>
 
          <programlisting>options {
           directory       "/etc/namedb";