This content is retired but we have related up-to-date content below.
Trial lock

This Research is for Members Only

Not a member? Unlock a free sample of our research now!

Already a member?

Sign in now

Common Web server attacks begin with a port scan, a type of reconnaissance to map gateways into the enterprise's servers. One information-gathering tactic is to ask the Web server to send a page. From the resulting HTTP header, the attacker identifies the Web server software and version. Alter or mask Web server HTTP headers to reduce the threat footprint.

Hide the Lock

On publicly facing Web servers, the name and version number of the Web server software is important security information that should be kept safe. However, most Web servers automatically reveal the name of the software package and the version identity. Essentially, these Web servers advertise what type of lock is on the door.

Related Content

Hide Details

Search Code: 1959
Published: January 9, 2007
Last Revised: January 9, 2007


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.