Re: cloaking the web server signature

From: sharky (sharky_at_nospam.com)
Date: 05/05/03 

Date: Mon, 5 May 2003 07:44:47 -0700

Thanks, Keith, good info.
Do you know where I can change the OS that's sent in the HTTP reply?
Can you recommend a decent fingerprinting tool I can use to check my work?
Thanks for your time.

"Keith W. McCammon" <km@km.com> wrote in message
news:uB0cvIxEDHA.2288@TK2MSFTNGP12.phx.gbl...
> > Does anyone know how to hide what type of web server I'm running? I
found
> > out you can manually change the service name (ie; display "Apache"
instead
> > of "IIS 5.0") in URLScan, but is there a registry key where you can
change
> > the web server header to display "Solaris" or something else as the OS?
>
> The HTTP server header is a single value--if the OS is included in the
> server response, then it can be changed/removed in the same place. And,
for
> what it's worth, sending a deceptive OS in the header won't typically do
you
> much good anyway. There are a number of trivial ways to reliably
> fingerprint an OS, and most experienced folks will go straight for these,
as
> opposed to relying on easily crafted information.
>
>