If you modify the header via Felipe's program then you can't run the
frontpage extensions or the office extensions because they check the header
and will refuse to run if it's not one they know.

Geo.

> From: Lampe, John W. [mailto:JWLAMPEGAPAC.com]
>
>
> on win2k machines you'll also need to disable WFP after
> hex-editing the w3svc.dll. On apache (at least the *nix
> versions), you can just edit the httpd.h file to change your
> banners (prior to compilation).
>
> John
>
> -----Original Message-----
> From: John Redd [mailto:reddjohnyahoo.com]
> Sent: Saturday, December 08, 2001 11:18 PM
> To: lambottaol.com
> Cc: focus-mssecurityfocus.com
> Subject: Re: NT/IIS decoy
>
>
> Two options:
>
> 1) Use a hex editor (UltraEdit) and manually edit the
> w3svc.dll replacing any reference of Microsoft-IIS/5.0
> (or Microsoft-IIS/4.0)
>
> 2) Felipe Moniz has created banner editors for apache,
> IIS, M$ FTP and M$ SMTP and can be downloaded at
> http://www.nstalker.com/banners.php
>
> Regards,
>
> John
>
>
> >Does anyone know how to hide or mask the identity of
> >a IIS 4.0 or 5.0
> >server such that if a "GET" command is issued
> >following a telnet to the
> >server on port 80, the server will display a
> >different server type so
> >as to hide it's true identity.
>
> __________________________________________________
> Do You Yahoo!?
> Send your FREE holiday greetings online!
> http://greetings.yahoo.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]