[Full-Disclosure] [ANNOUNCE]: IISBanner 1.0

From: Tiago Halm (thalmat_private)
Date: Wed Jun 18 2003 - 13:32:56 PDT

    ============== IISBanner ==============
    Type: ISAPI Filter
    Open Source: Yes
    License: BSD
    
    Description
    --------------
    We are proud to present a tool with the ability to change the IIS Response
    Header "Server".
    
    ISAPI Filters are the only "safe" way of managing (changing, altering,
    customizing) some of the core parts of IIS. Customizing the response header
    "Server" is one of those tasks. IISBanner provides a simple yet powerful,
    although demonstrative, way of achieving such objective. IISBanner may be
    useful from a security perspective by disguising the web server banner
    (security by obscurity), but keep in mind that there are much more powerful
    ways of detecting a server type using tools like nmap.
    
    Features
    -----------
    Changes IIS "Server" response header value to "Powered By IISBanner/1.0
    (KodeIT)" 
    
    Notes
    -------
    Installation of this ISAPI Filter must be done at the WebServer level;
    Although the Response Value could be set in a file (ex: ini), I decided to
    "hard code" it to make it simple to understand the source code;
    IISBanner is installed at http://www.kodeit.org and may be viewed by a
    network sniffer at each HTTP response received, or through this simple VBS
    script:
    ...
    Set oHTTP = WScript.CreateObject("Microsoft.XMLHTTP")
    Call oHTTP.Open("HEAD", "http://www.kodeit.org", False)
    Call oHTTP.Send()
    WScript.Echo oHTTP.GetAllResponseHeaders()
    Set oHTTP = Nothing
    ...
    
    Remarks
    -----------
    With the objective of providing a demonstrative feature, the current version
    of this tool is not configurable.
    Depending on comments (hopefully) provided, one such configurable version
    may be built along with some other features added.
    
    IISBanner can be downloaded from http://www.kodeit.org/utils/iisbanner.htm
    
    Cheers,
    Tiago Halm
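
Added example, not part of the original post or of IISBanner: a header audit for an administrator who has replaced the "Server" banner and wants to see which other response headers still identify the platform. The header and cookie names checked are the defaults of the IIS / ASP / ASP.NET stack, and the sample response is constructed.

```python
"""Audit a response head for platform-identifying headers left after a banner change."""

# Default headers and session-cookie name prefixes of the IIS / ASP / ASP.NET stack.
PLATFORM_HEADERS = ("x-powered-by", "x-aspnet-version", "x-aspnetmvc-version")
PLATFORM_COOKIES = ("aspsessionid", "asp.net_sessionid")


def parse_head(raw):
    """Split a raw response head into (name, value) pairs, skipping the status line."""
    pairs = []
    for line in raw.splitlines()[1:]:
        if not line.strip():
            break  # a blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs


def audit(pairs):
    """Return the Server banner value(s) and every other identifying header found."""
    report = {"server": [], "leaks": []}
    for name, value in pairs:
        key = name.lower()
        if key == "server":
            report["server"].append(value)
        elif key in PLATFORM_HEADERS:
            report["leaks"].append(f"{name}: {value}")
        elif key == "set-cookie":
            cookie = value.split("=", 1)[0].strip()
            if cookie.lower().startswith(PLATFORM_COOKIES):
                report["leaks"].append(f"Set-Cookie name: {cookie}")
    return report


# Constructed sample: banner replaced, framework headers left at their defaults.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Powered By IISBanner/1.0 (KodeIT)\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "Set-Cookie: ASPSESSIONIDQQGGGTLC=ABCDEF; path=/\r\n"
    "Content-Length: 0\r\n\r\n"
)

if __name__ == "__main__":
    print(audit(parse_head(SAMPLE)))
```

The same audit() can be fed the name/value pairs from any HTTP client run against a server you operate, such as the output of the VBS script in the post.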
    