lotus domino server 5.08 is very gabby

From: Frank.Boldewinat_private
Date: Tue Sep 18 2001 - 23:47:40 PDT

Next message: C?sar Gonz?lez: "Re: New vulnerability in IIS4.0/5.0"

Previous message: César González: "Re: New vulnerability in IIS4.0/5.0"
Next in thread: Darren Davison: "Re: lotus domino server 5.08 is very gabby"
Reply: Darren Davison: "Re: lotus domino server 5.08 is very gabby"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

maybe this is nothing new, but when i looked at some
html raw headers after i surfed to a lotus domino 5.08 webserver,
he tells me the following information :

Lotus-Domino (Release 5.0.8 - June 18, 2001 on AIX)

and further a request like this :

GET //////////// HTTP/1.0

gives me the internal ip-address, if the firewall or the router does NAT :

HREF="http://10.65.59.30/

So now, is it possible to suppress these informations ?
What i'm searching for, is a switch like ServerTokens on
Apache Servers in the httpd.conf

As there is no source for this server available, the only idea i have,
is to patch the binary.

Every other good idea is welcome.

cheers

Frank
 

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net

Next message: C?sar Gonz?lez: "Re: New vulnerability in IIS4.0/5.0"
Previous message: César González: "Re: New vulnerability in IIS4.0/5.0"
Next in thread: Darren Davison: "Re: lotus domino server 5.08 is very gabby"
Reply: Darren Davison: "Re: lotus domino server 5.08 is very gabby"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 17:21:07 PDT