Eric Covener <[email protected]> writes: > On Wed, Jun 10, 2009 at 7:53 AM, Singh, Sukhjeet > <[email protected]> wrote: >> The server allows capture of the HTTP service banner. Service banners can >> contain sensitive information, such as application and Operating System (OS) >> version numbers. An attacker can use the version information from your Web >> server to determine if there are any known vulnerabilities present, or can >> use such information to create attacks towards the specific application or >> OS. > > http://httpd.apache.org/docs/2.2/mod/core.html#servertokens
Sukhjeet, you can hide this information, but I wouldn't think it would make your server any more secure. Most attackers will probably just try a bunch of known vulnerabilities without even looking at the OS and version. -- Dan Poirier <[email protected]> --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
