RE: easy remote detection of a running tripwire for webpages syst em

From: Jonathan Sartin (jonathan.sartinat_private)
Date: Wed Aug 29 2001 - 01:27:11 PDT

Next message: Scott Walker Register: "Re: Hardware defences against SYN flooding"

Previous message: pat_private: "gnut gnutella client html injection"
Next in thread: Jordan K Wiens: "RE: easy remote detection of a running tripwire for webpages syst em"
Reply: Jordan K Wiens: "RE: easy remote detection of a running tripwire for webpages syst em"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You need to set the ServerTokens directive in httpd.conf to reveal only
those things that you feel appropriate about the server.

Options are:

min - will return the product and version (i.e. Apache/1.3.0)
os - will return product version and operating system.
full - will return everything, including the installed modules (as you
noted, and probably a bad thing).
product_only - will return just the product (i.e. Apache)

default seems to be full.

Examples:

ServerTokens Prod[uctOnly] 
     Server sends (e.g.): Server: Apache 
ServerTokens Min[imal] 
     Server sends (e.g.): Server: Apache/1.3.0 
ServerTokens OS 
     Server sends (e.g.): Server: Apache/1.3.0 (Unix) 
ServerTokens Full (or not specified) 
     Server sends (e.g.): Server: Apache/1.3.0 (Unix) PHP/3.0 MyMod/1.2 

Note that this works on the server config level and therefore cannot be set
for individual virtualhosts.

Cheers .... J

Next message: Scott Walker Register: "Re: Hardware defences against SYN flooding"
Previous message: pat_private: "gnut gnutella client html injection"
Next in thread: Jordan K Wiens: "RE: easy remote detection of a running tripwire for webpages syst em"
Reply: Jordan K Wiens: "RE: easy remote detection of a running tripwire for webpages syst em"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 30 2001 - 16:49:39 PDT