Ihab
asked on
How do you know if the website is hosted on Linux platform ?and how to hide Operating System Identity
One expert advise me If attacker or hacker got the Remote Operating system platform information and if there are any known vulnerabilities available in the remote operating system then this will help attacker or hacker to steal or hack your website data.
Asking me to hide Operating System Identity .
How do you know if the website is hosted on Linux platform or other?and how to hide Operating System Identity
Asking me to hide Operating System Identity .
How do you know if the website is hosted on Linux platform or other?and how to hide Operating System Identity
you can check server information with many tools or on web pages like http://builtwith.com
hiding is specific for OS so you can search for Apache or IIS on Internet
hiding is specific for OS so you can search for Apache or IIS on Internet
ASKER
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
How to hide Operating System Identity?
ASKER
How do you know if the website is hosted on Linux platform
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is done by the checking the fingerprinter of the remote system by capturing the TCP/IP packets thrown to it.
Most of the people use tool like Nmap.
For more details please see the article below:
http://nmap.org/book/man-os-detection.html
Sudeep
Most of the people use tool like Nmap.
For more details please see the article below:
http://nmap.org/book/man-os-detection.html
Sudeep
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Mr. Beneford
Do you recommend removing server entry in HTTP -hide Operating System Identity?
Thanks
Do you recommend removing server entry in HTTP -hide Operating System Identity?
Thanks
ASKER
I have checked my website with acunetix and I've got the results in the print-screen,
Please advise
web.jpg
Please advise
web.jpg
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Download and install Nmap for windows and scan your website.
It would tell you what OS your website is running.
http://nmap.org/dist/nmap-6.40-setup.exe
Make sure to select the intense scan.
Sudeep
It would tell you what OS your website is running.
http://nmap.org/dist/nmap-6.40-setup.exe
Make sure to select the intense scan.
Sudeep
ASKER
I have checked my website with acunetix and I've got the results in the print-screen,
Please advise
web.jpg
Please advise
web.jpg
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For apache, you can withhold this information (see http://stackoverflow.com/questions/15130443/remove-server-info-and-php-info-from-response-header)
(PHP will give the underlying OS, so that one is worth not returning).
If the underlying OS isn't explicitly published by the WebServer, there are sometimes clues if you scan the server for ports and see what else is responding (eg, if it also hosts SMTP, that usually says what it is when you connect to it.)
To be protected, you need to scan the address and see what information is available, and close any ports/services that are not being used.