Re: NT/IIS decoy
From: John Redd (reddjohn@yahoo.com)Date: 12/09/01
- Previous message: vishal pranjale: "RE: Forensic Acquisition (win2K) - more"
- Maybe in reply to: Lambott@aol.com: "NT/IIS decoy"
- Next in thread: Robert Hobart: "Re: NT/IIS decoy"
- Next in thread: Robert Hobart: "Re: NT/IIS decoy"
- Next in thread: Thor@HammerofGod.com: "RE: NT/IIS decoy"
- Reply: Robert Hobart: "Re: NT/IIS decoy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 8 Dec 2001 20:18:22 -0800 (PST) From: John Redd <reddjohn@yahoo.com> To: lambott@aol.com
Two options:
1) Use a hex editor (UltraEdit) and manually edit the
w3svc.dll replacing any reference of Microsoft-IIS/5.0
(or Microsoft-IIS/4.0)
2) Felipe Moniz has created banner editors for apache,
IIS, M$ FTP and M$ SMTP and can be downloaded at
http://www.nstalker.com/banners.php
Regards,
John
>Does anyone know how to hide or mask the identity of
>a IIS 4.0 or 5.0
>server such that if a "GET" command is issued
>following a telnet to the
>server on port 80, the server will display a
>different server type so
>as to hide it's true identity.
__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com
- Previous message: vishal pranjale: "RE: Forensic Acquisition (win2K) - more"
- Maybe in reply to: Lambott@aol.com: "NT/IIS decoy"
- Next in thread: Robert Hobart: "Re: NT/IIS decoy"
- Next in thread: Robert Hobart: "Re: NT/IIS decoy"
- Next in thread: Thor@HammerofGod.com: "RE: NT/IIS decoy"
- Reply: Robert Hobart: "Re: NT/IIS decoy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
