First and foremost, we need to consider how IPCop looks to the outside world. The first step taken by any hacker, penetration tester, IT professional, or analyst in assessing the threat that a particular device poses, whether they intend to fix it or break in via it, is to profile that device in order to find out some of the following things:
What the device is
What operating system it is running
What sort of hardware it may be running on
What services the server is running, and therefore by inference...
What software (services) the server is running in addition to the basic operating system
Whether any of the above (particularly the services) are insecure
As a legitimate auditor, manager, and maintainer of IPCop systems, much of this is available to us from memory, from our documentation, or by logging into the host itself. For an attacker, to whom such information is extremely valuable, this is not the case, and so it behooves us to understand how an intruder would gather...