The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating System (OS) version numbers. An attacker can use the version

The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating System (OS) version numbers. An attacker can use the version information from your Web server to determine if there are any known vulnerabilities present, or can use such information to create attacks towards the specific application or OS.
Brijeshk9Asked:
Who is Participating?
 
Brijeshk9Connect With a Mentor Author Commented:
Ok , i have done the required changes with URL scan and problem is resolved now.
0
 
Tray896Commented:
The easiest and most common way of removing the server header info is by using URLScan.  You can download and find step by step instructions for configuring it here: http://learn.iis.net/page.aspx/473/using-urlscan
0
 
Brijeshk9Author Commented:
should i run it from the server where the website is hosted and what will be the next step on it.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Brijeshk9Author Commented:
any other solution...?
0
 
Tray896Commented:
Yes, you configure URLScan on the web server.  I would highly recommend you use it, as it is free and widely used so you can find plenty of documentation on it.  Another option is Server Mask, which is a product from Port80Software.  You can download a free 30 day trial here: http://www.port80software.com/products/servermask/

0
 
Brijeshk9Author Commented:
will there be any impect of it on my Productioin Server...! like performance or any kind of backup required...!
0
 
Tray896Commented:
No, there should not be a performance impact to your server.  The configuration is all text based.
0
 
Brijeshk9Author Commented:
I have installed url scan 2.5 on windows 2000 server what to do next.....because there is one .ini file and another is .dll: where i need to make changes to remove these type of Vulnerabilities.?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.