From: Remy Maucherat [mailto:[EMAIL PROTECTED] > The issue is that there's no value in this: it would likely take 5 > minutes for an attacker to figure out the webserver is > running Tomcat. > The Server header is maybe the less visible of them (and gives little > information when compared to the others). > > So why bother about this ? (that's my point)
Because users want the functionality. If it can be done without hitting performance, why not do it? Mark --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
