Hello, what are the pros/cons of using IISBanner versus the AlternateServerName or RemoveServerHeader directive of the URLScan tool?

Regards,
Javier

--- Tiago Halm <[EMAIL PROTECTED]> wrote:

> Hi all,
>
> IISBanner was totally re-coded and is now configurable and fully performant.
> See details below...
>
>
> ============== IISBanner ==============
>
> Author: Tiago Halm
> Version: 1.1
> Platforms: Windows (IIS)
> License: BSD
>
> - Introduction
> - Description
> - Configuration
> - Notes
> - Notes for version 1.0
> - Download
>
>
> Introduction
> ---------------
> ISAPI Filters are the only "safe" way of managing (changing, altering,
> customizing) some of the core parts of IIS.
> Customizing the "Server" response header is one of those tasks. While
> altering the "Server" response header may be useful at a security
> perspective by disguising the web server banner (security by obscurity),
> keep in mind that there are much more powerful ways of detecting a server
> type using tools like nmap.
>
>
> Description
> --------------
> IISBanner is an IIS ISAPI Filter that can be used to specify a replacement
> for IIS's built in "Server" header, or even to instruct IIS to not use the
> "Server" response header altogether.
> The configuration is made by an .ini file, namely "IISBanner.ini". This
> configuration file must reside in the same directory of IISBanner.dll.
>
>
> Configuration
> -----------------
> The configuration file contains 2 options:
>
> Name: RemoveBanner
> Values: 0 or 1
> Description:
> - If 1, then the "Server" response header is removed, meaning that all IIS
> responses will not contain any "Server" header, and the ChangeBanner option
> is ignored;
> - If 0, then the "Server" response header is not removed and the
> ChangeBanner option may be used;
> - If commented, then its value defaults to 0;
>
> Name: ChangeBanner
> Values: Any string up to 255 characters
> Description:
> - If string is empty, then IIS's built in "Server" response header remains
> unchanged;
> - If string is not empty, then the "Server" response header will be changed
> to that same value;
> - If commented, then its value defaults to empty string;
>
>
> Notes
> --------
> - Installation of this ISAPI Filter must be done at the WebServer level;
> - The ISAPI runs at low priority;
> - IIS's performance is NOT affected by this ISAPI Filter. Any stress test
> will reveal that the number of HTTP requests remains unaffected with or
> without IISBanner;
> - DLL size is now 20Kb (compiled without default libraries);
> - IISBanner is installed at http://www.kodeit.org and may be viewed by a
> network sniffer at each HTTP response received, or through this simple VBS
> script:
> __________________________________________________________
> ' Send a synchronous HEAD request and print the response headers
> Set oHTTP = WScript.CreateObject("Microsoft.XMLHTTP")
> Call oHTTP.Open("HEAD", "http://www.kodeit.org", False)
> Call oHTTP.Send()
> WScript.Echo oHTTP.GetAllResponseHeaders()
> Set oHTTP = Nothing
> __________________________________________________________
>
>
> Notes for version 1.0
> --------------------------
> The first version of IISBanner was ONLY demonstrative and it suffered from
> performance issues. Although download of version 1.0 is still available, it's
> recommended the use of version 1.1 for any real installation.
>
> Download
> ------------
> IISBanner can be viewed at http://www.kodeit.org/utils/iisbanner.htm
>
> Version 1.1
> Binary: http://www.kodeit.org/utils/iisbanner.1.1.zip
> Source: http://www.kodeit.org/utils/iisbanner_src.1.1.zip
>
> Version 1.0
> Binary: http://www.kodeit.org/utils/iisbanner.1.0.zip
> Source: http://www.kodeit.org/utils/iisbanner_src.1.0.zip
>
>
> Comments, this time, are very welcome!
>
> Regards,
> Tiago Halm
> http://www.kodeit.org
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
