Solved

Masking the way Windows 2003 web server looks to crackers.

Posted on 2004-03-23
4
220 Views
Last Modified: 2010-04-19
I want my 2003 IIS 6 web server to look like a Linux server or another server for that matter when people are scanning and probing the network. Is this possible?
0
Comment
Question by:bstearns
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
Ugrum earned 500 total points
ID: 10661715
THe people who are scanning will be able to determine the OS that host is running with 99.999% probability - they will just use OS fingerprinting, the method which analyzes network packets at a very low level to find OS-specific patterns. Of course, the fact that the web server runs Windows 2003 does not neccessary means that the website itself is running on IIS 6.0 (you can install Apache and others...), but it's the most likely scenario.
As to hide, you can use some form of reverse proxy to publish your website on a host that is not running Windows.
0
 

Author Comment

by:bstearns
ID: 10662193
Thank you for the help.
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10665076
Ugrum is right

OS fingerprinting goes down to the very way in which certin IP packets are responded to - and while it is possible to change that what usually happens is you end up with a duff TCP stack :(

To be honest why would you want to hide it? IIS 6, when properly set up, behind a firewall and well patched is extremely secure and superior in terms of speed and functionality to best of the competitors.

If you want to protect against scans and probes (as you put it!) then install and properly configure a firewall, I recommend you look at www.kerio.com for some of the best personal and enterprise firewall software on the market today.

Cheers

JamesDS
0
 

Author Comment

by:bstearns
ID: 10670969
Thank you JamesDS for your insight as well.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question