How to block hidden result of telnet 80?

Dear Expertise
   As I know about useful of telnet <webhost> 80 for troubleshooting. But some case It's useful for hacker to grather information from your server such as your version of apache, version of OS and etc. As I , however, known you can minimize result of those detail (ServerTokens Prod).
   This is my question : How to hide the result of detail from my server? Neither telnet via port 80 or any method.

PS. In case of apache configuration

Thanks .
chowalitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jonesy2kCommented:
Use the ServerTokens directive in your config file:
-----
ServerTokens Prod[uctOnly]
    Server sends (e.g.): Server: Apache
ServerTokens Major
    Server sends (e.g.): Server: Apache/2
ServerTokens Minor
    Server sends (e.g.): Server: Apache/2.0
ServerTokens Min[imal]
    Server sends (e.g.): Server: Apache/2.0.41
ServerTokens OS
    Server sends (e.g.): Server: Apache/2.0.41 (Unix)
ServerTokens Full (or not specified)
    Server sends (e.g.): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.2
----
So to display the very minimum information, set
ServerTokens Prod
somewhere in the main part of your httpd.conf file
Hope this helps you out,
Jonesy
jonesy2kCommented:
Sorry, disregard that. I just read your question again :S
I'm not sure I understand your question...
Jonesy
chowalitAuthor Commented:
Thanks Jonesy
.. But I known that.
Other ways?
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

chowalitAuthor Commented:
This is case study for MS web.

# telnet www.microsoft.com 80
Trying 207.46.20.30...
Connected to www.microsoft.com.nsatc.net.
Escape character is '^]'.
HTTP / HTML 1.0/

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Mon, 04 Jul 2005 06:06:04 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>Connection closed by foreign host.

How to protect this case?
jonesy2kCommented:
What part of that are you worried about? that's a normal http error message from a webserver...
You could stop that by firewalling port 80 tcp, or by not starting apache....
jonesy
David PiniellaCommented:
the example you gave (microsoft.com) doesn't give any info on the server/product used. that's standard HTML -- if you don't send that, you're not serving web pages.
MysidiaCommented:
You can pick

ServerTokens None

in httpd.conf   to hide information about the server

You cannot suppress bad request error messages, Content-Type messages,
Date/time messages, connection status, or content length in that error
message, although you could specify an error page short of blocking
all connections.

What part of the output were you trying to hide?
MysidiaCommented:
>Dear Expertise
>   As I know about useful of telnet <webhost> 80 for troubleshooting. But some case It's >useful for hacker to grather information from your server such as your version of apache, >version of OS and etc. As I , however, known you can minimize result of those detail

If your hacker using Telnet is following the HTTP protocol, it is impossible
for your server to distinguish e between a legitimate web browser
and your "hacker" that makes the same kind of request, because they both
look the same to the server.

They could even be some user right clicking and choosing a "Page Info" option to see
what data their web browser has collected from your server or they could make
a separate request using a command like

lynx -head http://path-to-your-server

Of course normal web browsers might even HEAD request first, for example
if they have cached the page to see if it is newly modified, as an alternative
to a conditional GET type of option.

Without a full audit of any scripts you are serving, you also cannot be too
certain you do not have dynamic pages leaking information either normally
(or if an error occurs) also.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ahoffmannCommented:
> How to protect this case?
you can't
Or be more precise, stop the service listening on port 80.

If you offer a service ( for example on port 80) then it is public. Dot. Period.
You cannot control which program accesses this service.
If you don't wnat that anyone is using telnet to connect, close the service.
decoleurCommented:
apache does not let you not show anything with the ServerTokens flag in httpd.conf

further information can be gleaned from the order in which information is presented from various HTTP 1.0 requests, GET, HEAD, OPTIONS, TRACE...
you can fingerprint any websever using the responses from those simple telnet webserver port 80 requests.

to change this you wouldhave to rewrite the binaries.

HTH

-t
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.