Hinder Web Server Attacks: Mask HTTP Headers


Download

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.

Common Web server attacks begin with a port scan, a type of reconnaissance to map gateways into the enterprise's servers. One information-gathering tactic is to ask the Web server to send a page. From the resulting HTTP header, the attacker identifies the Web server software and version. Alter or mask Web server HTTP headers to reduce the threat footprint.

Hide the Lock

On publicly facing Web servers, the name and version number of the Web server software is important security information that should be kept safe. However, most Web servers automatically reveal the name of the software package and the version identity. Essentially, these Web servers advertise what type of lock is on the door.

Hide Details

Search Code: 1959
Published: January 9, 2007
Last Revised: January 9, 2007

Related Content

GET HELP Contact Us
×
VL Methodology