I have already removed the http headers from the iis consoles and the web servers using urlscan configuration options, firewalls are configured to not send any header info as well... still seem to be leaking the following info that can be used to exploit systems easily, does anyone know how to keep this info from being served up during a web request?
X-AspNet-Version: 1.1.4322 (this is in the tcp packet) User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322) (this is in the browser header response) Thanks in advance. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/saFolB/TM ---------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/AspNetAnyQuestionIsOk/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
