hiding IIS 6.0 signatures
How do i hide IIS 6 signatures from a scan or netcraft?
Re: hiding IIS 6.0 signatures
You can try urlscan from ms.com
Hiding the banner won't protect the server from being attacks.
So make sure the box is patch, you have proper firewall etc in place.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/
"tony" <tony [at] web.com> wrote in message
news:OPs5VJzVIHA.5508 [at] TK2MSFTNGP04.phx.gbl...
> How do i hide IIS 6 signatures from a scan or netcraft?
>
Re: hiding IIS 6.0 signatures
we currently have linux proxies in front of IIS. i want to remove the
proxies and expose the IIS servers.
any downside or comments on this setup?
"Bernard Cheah [MVP]" <qbernard [at] hotmail.com.discuss> wrote in message
news:u7$KXtzVIHA.536 [at] TK2MSFTNGP06.phx.gbl...
> You can try urlscan from ms.com
> Hiding the banner won't protect the server from being attacks.
>
> So make sure the box is patch, you have proper firewall etc in place.
>
> --
> Regards,
> Bernard Cheah
> http://www.iis.net/
> http://msmvps.com/blogs/bernard/
>
>
> "tony" <tony [at] web.com> wrote in message
> news:OPs5VJzVIHA.5508 [at] TK2MSFTNGP04.phx.gbl...
>> How do i hide IIS 6 signatures from a scan or netcraft?
>>
>
>
Re: hiding IIS 6.0 signatures
Hiding an "IIS" signature is merely "security through obscurity".
An exploit that compromises IIS will work regardless of whether your server
exhibits IIS behaviour or not.
And frameworks like metasploit mean that an attacker can hurl thousands of
automated exploits at your server, disregarding what it is (or attempts to
disguise it) in a few seconds. Obscurity = good. But it's not real security.
Cheers
Ken
"tony" <tony [at] web.com> wrote in message
news:%23Wh1D8zVIHA.4740 [at] TK2MSFTNGP02.phx.gbl...
> we currently have linux proxies in front of IIS. i want to remove the
> proxies and expose the IIS servers.
>
> any downside or comments on this setup?
> "Bernard Cheah [MVP]" <qbernard [at] hotmail.com.discuss> wrote in message
> news:u7$KXtzVIHA.536 [at] TK2MSFTNGP06.phx.gbl...
>> You can try urlscan from ms.com
>> Hiding the banner won't protect the server from being attacks.
>>
>> So make sure the box is patch, you have proper firewall etc in place.
>>
>> --
>> Regards,
>> Bernard Cheah
>> http://www.iis.net/
>> http://msmvps.com/blogs/bernard/
>>
>>
>> "tony" <tony [at] web.com> wrote in message
>> news:OPs5VJzVIHA.5508 [at] TK2MSFTNGP04.phx.gbl...
>>> How do i hide IIS 6 signatures from a scan or netcraft?
>>>
>>
>>
>
>
