Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating System (OS) version numbers. An attacker can use the version

Posted on 2009-03-29
8
Medium Priority
?
387 Views
Last Modified: 2012-05-06
The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating System (OS) version numbers. An attacker can use the version information from your Web server to determine if there are any known vulnerabilities present, or can use such information to create attacks towards the specific application or OS.
0
Comment
Question by:Brijeshk9
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 15

Expert Comment

by:Tray896
ID: 24019996
The easiest and most common way of removing the server header info is by using URLScan.  You can download and find step by step instructions for configuring it here: http://learn.iis.net/page.aspx/473/using-urlscan
0
 

Author Comment

by:Brijeshk9
ID: 24025006
should i run it from the server where the website is hosted and what will be the next step on it.
0
 

Author Comment

by:Brijeshk9
ID: 24025518
any other solution...?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 15

Expert Comment

by:Tray896
ID: 24028636
Yes, you configure URLScan on the web server.  I would highly recommend you use it, as it is free and widely used so you can find plenty of documentation on it.  Another option is Server Mask, which is a product from Port80Software.  You can download a free 30 day trial here: http://www.port80software.com/products/servermask/

0
 

Author Comment

by:Brijeshk9
ID: 24029642
will there be any impect of it on my Productioin Server...! like performance or any kind of backup required...!
0
 
LVL 15

Expert Comment

by:Tray896
ID: 24030127
No, there should not be a performance impact to your server.  The configuration is all text based.
0
 

Author Comment

by:Brijeshk9
ID: 24084010
I have installed url scan 2.5 on windows 2000 server what to do next.....because there is one .ini file and another is .dll: where i need to make changes to remove these type of Vulnerabilities.?
0
 

Accepted Solution

by:
Brijeshk9 earned 0 total points
ID: 24428682
Ok , i have done the required changes with URL scan and problem is resolved now.
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question