I've been looking for a way to prevent security scanners such as Nessus from being able to easily read Tomcat's standalone webserver details. I'm running Tomcat 5.0.18 standalone and Nessus identifies it as follows:
Server Version: Apache-Coyote/1.1 Server Banner: Apache-Coyote/1.1
I can't seen anything similar to Apache's 'ServerTokens' directive to disable/suppress the info given out.
Pardon my ignorance, but what is the problem with that?
Adam -- struts 1.1 + tomcat 5.0.16 + java 1.4.2 Linux 2.4.20 Debian
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
