IIS Server Banner - Part II
I blogged Part I weeks ago and received some pretty good comments on additional 'tweaking' that you can apply to other services. Thanks to Karl and Kenji, our Security MVP(s).
POP3 and IMAP4 (E2k)
XCON: How to Modify the POP or IMAP Banner
You can modify the Exchange 2000 POP3 and IMAP4 banners; however, this only applies to E2K and above.
POP3 (W2K3)
You need to create a new string value key in the registry, e.g. “my pop3svr”. Path:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Pop3 Service\Greeting
Telnet (W2K)
HOW TO: Change the Telnet Server Banner and Run Programs for All Users
This actually comes down to modifying the login.cmd file.
Next, to extend the HTTP header masking, we can apply:
Internet Information Server Returns IP Address in HTTP Header (Content-Location)
This KB only applies to IIS 4.0 and IIS 5.0. It's not supported for IIS 6.0. If my information is correct, you will see this fix in Windows Server 2003 SP1 (which will be out soon). Microsoft is aware of this issue and will fix it in SP1.
One way to hide it (at least for now) is to configure a host header for the IIS 6.0 website. It will mask the detail from
Content-Location: http://10.1.1.1/Default.htm
to
Content-Location: http://www.domain.com/Default.htm
Again, hiding banner detail is NOT the way you should protect your server.