Hide Elasticsearch and Kibana version

Hi,

I'm looking for a way to hide information about which version of Elasticsearch and Kibana we are currently using.
We are using Elasticsearch and Kibana version 6.4.2.

Thanks,
Adrian

Welcome!

I don't think you can do that.
Why do you want this?

Hi David,

Thank you for your message.

I want to do this because lately we have been discussing threats internally in our company. One threat is that disclosure of version or system information allows an attacker to conduct a selective search in vulnerability databases. The obtained information can then be used as a basis for attacks.

Thanks,
Adrian

Not having version information explicitly is not materially going to foil an attacker. First, there are other ways to narrow the range (what APIs are supported tells you a lot, what the responses look like tells you more; look at the response even to / in Elasticsearch over various versions, it reveals a lot even if the version information is stripped). An experienced attacker will know how to fingerprint the victim to obtain this information even if it were to be made not available explicitly. In the end though, having or not having version information isn’t particularly revealing. Instead, an attacker, experienced or otherwise, can try every attack they have in their arsenal.

Hi Jason,

Thanks for your message.

Thanks,
Adrian
