|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alderson, John (John.Alderson
FMR.COM)Date: Fri Dec 07 2001 - 16:59:42 CST
> -----Original Message-----
> From: ThorHammerofGod.com [mailto:ThorHammerofGod.com]
> Sent: Friday, December 07, 2001 2:33 PM
> To: eric.johansenreliastar.com; focus-mssecurityfocus.com
> Subject: Re: NT/IIS decoy
>
> I've tried this before, but not been able to get it to
> work... I just tried
> again with no luck.
> I set a string as such:
> AlternateServerName=FooBar
> as well as
> AlternateServerName="FooBar"
>
> but in both cases, the server header is simply removed
> altogether, as if
> RemoveServerHeader were set to 1.
>
> Anyone successfully making this work?
>
> AD
Take a look at this sample ISAPI filter:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q294735
It works as advertised but is probably not good for production use as it
reads it's Server string from the Registry for each invocation. But, you
can change that easily enough so that it is just read at Initialization.
John Alderson
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]