[Full-Disclosure] [ANNOUNCE]: IISBanner 1.1 released

From: Tiago Halm (thalm_at_netcabo.pt)
Date: 07/04/03

    To: <full-disclosure@lists.netsys.com>
    Date: Fri, 4 Jul 2003 05:40:19 +0100
    
    

    Hi all,

    IISBanner was totally re-coded and is now configurable and fully performant.
    See details below...

    ============== IISBanner ==============

    Author: Tiago Halm
    Version: 1.1
    Platforms: Windows (IIS)
    License: BSD

    - Introduction
    - Description
    - Configuration
    - Notes
    - Notes for version 1.0
    - Download

    Introduction
    ---------------
    ISAPI Filters are the only "safe" way of managing (changing, altering,
    customizing) some of the core parts of IIS.
    Customizing the "Server" response header is one of those tasks. While
    altering the "Server" response header may be useful from a security
    perspective by disguising the web server banner (security by obscurity),
    keep in mind that there are much more powerful ways of detecting a server
    type using tools like nmap.

    Description
    --------------
    IISBanner is an IIS ISAPI Filter that can be used to specify a replacement
    for IIS's built in "Server" header, or even to instruct IIS to not use the
    "Server" response header altogether.
    The configuration is made by an .ini file, namely "IISBanner.ini". This
    configuration file must reside in the same directory as IISBanner.dll.

    Configuration
    -----------------
    The configuration file contains 2 options:

    Name: RemoveBanner
    Values: 0 or 1
    Description:
    - If 1, then the "Server" response header is removed, meaning that all IIS
    responses will not contain any "Server" header, and the ChangeBanner option
    is ignored;
    - If 0, then the "Server" response header is not removed and the
    ChangeBanner option may be used;
    - If commented, then its value defaults to 0;

    Name: ChangeBanner
    Values: Any string up to 255 characters
    Description:
    - If string is empty, then IIS's built in "Server" response header remains
    unchanged;
    - If string is not empty, then the "Server" response header will be changed
    to that same value;
    - If commented, then its value defaults to empty string;

    Notes
    --------
    - Installation of this ISAPI Filter must be done at the WebServer level;
    - The ISAPI runs at low priority;
    - IIS's performance is NOT affected by this ISAPI Filter. Any stress test
    will reveal that the number of HTTP requests remains unaffected with or
    without IISBanner;
    - DLL size is now 20Kb (compiled without default libraries);
    - IISBanner is installed at http://www.kodeit.org and may be viewed by a
    network sniffer at each HTTP response received, or through this simple VBS
    script:
    __________________________________________________________
    Set oHTTP = WScript.CreateObject("Microsoft.XMLHTTP")
    Call oHTTP.Open("HEAD", "http://www.kodeit.org", False)
    Call oHTTP.Send()
    WScript.Echo oHTTP.GetAllResponseHeaders()
    Set oHTTP = Nothing
    __________________________________________________________

    Notes for version 1.0
    --------------------------
    The first version of IISBanner was ONLY demonstrative and it suffered from
    performance issues. Although download of version 1.0 is still available, it
    is recommended to use version 1.1 for any real installation.

    Download
    ------------
    IISBanner can be viewed at http://www.kodeit.org/utils/iisbanner.htm

    Version 1.1
    Binary: http://www.kodeit.org/utils/iisbanner.1.1.zip
    Source: http://www.kodeit.org/utils/iisbanner_src.1.1.zip

    Version 1.0
    Binary: http://www.kodeit.org/utils/iisbanner.1.0.zip
    Source: http://www.kodeit.org/utils/iisbanner_src.1.0.zip

    Comments, this time, are very welcome!

    Regards,
    Tiago Halm
    http://www.kodeit.org

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
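
The following is an added example, not part of the original post or of IISBanner: a Python check that compares a captured header block (such as the output of the VBS script in the Notes section) against the RemoveBanner/ChangeBanner rules from the Configuration section. The function names, the sample header blocks and the built-in banner value are constructed for illustration.

```python
# Added example (not part of IISBanner): check captured response headers
# against the RemoveBanner / ChangeBanner rules from the announcement.

MAX_BANNER = 255                 # ChangeBanner length limit stated in the post
BUILTIN = "Microsoft-IIS/5.0"    # assumed built-in banner, for the samples only


def expected_server(remove_banner=0, change_banner="", builtin=BUILTIN):
    """Return the Server value the filter should yield, or None if removed."""
    if remove_banner not in (0, 1):
        raise ValueError("RemoveBanner must be 0 or 1")
    if len(change_banner) > MAX_BANNER:
        raise ValueError("ChangeBanner is limited to 255 characters")
    if remove_banner == 1:
        return None                      # ChangeBanner is ignored
    return change_banner or builtin      # empty string keeps the built-in header


def server_headers(raw):
    """Collect every Server header value from a raw header block."""
    values = []
    for line in raw.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":   # names are case-insensitive
            values.append(value.strip())
    return values


def check(raw, remove_banner=0, change_banner="", builtin=BUILTIN):
    """Return a list of findings; an empty list means the response matches."""
    want = expected_server(remove_banner, change_banner, builtin)
    got = server_headers(raw)
    if want is None:
        return [f"Server header still present: {got}"] if got else []
    if got != [want]:
        return [f"expected Server {want!r}, observed {got}"]
    return []


# Constructed header blocks, shaped like GetAllResponseHeaders() output.
COMMON = "Date: Fri, 04 Jul 2003 04:40:19 GMT\r\nContent-Type: text/html\r\n"
REMOVED = COMMON
CHANGED = "server: ExampleBanner/1.0\r\n" + COMMON
DEFAULT = "Server: Microsoft-IIS/5.0\r\n" + COMMON

if __name__ == "__main__":
    print(check(REMOVED, remove_banner=1, change_banner="ignored"))
    print(check(DEFAULT, remove_banner=1))
    print(check(CHANGED, change_banner="ExampleBanner/1.0"))
```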

