how to edit MS IIS Banner/Version header information?
Results 1 to 5 of 5

Thread: how to edit MS IIS Banner/Version header information?

  1. #1
    Banned
    Join Date
    Feb 2002
    Posts
    8

    how to edit MS IIS Banner/Version header information?

    Is there a manual process or hands on way to edit that information so when someone nmaps my IIS system it doesnt show up as [MS IIS Web Server Ver 5.0] etc?

    I found a few programs that will do it, but im curious where the information/settings are stored in the registry or in the program.

    Any help would be appreciated.

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    http://lists.jammed.com/pen-test/2001/12/0047.html

    Seems to indicate that IIS Lockdown will do it if you set it up to do that... be careful though, IIS lockdown can sometimes get pretty zealous and make stuff stop working, so be judicious and limit changes to one at a time so that you can back them out if it breaks ...


    Neb
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    Junior Member
    Join Date
    Jul 2002
    Posts
    8

    Re: how to edit MS IIS Banner/Version header information?

    Yes, URLscan will do it. You have to specify a AlternateServerName if you want to replace the server header with, say, Apache/1.3.9 (Unix)

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    One thing I forgot to mention in the post, that just occured to me when I read back over it was that the above article indicated that it was NOT possible to manually change the headers, especially in IIS 5+ because those headers are defined in a certain dll (it is mentioned in the article but I forget which one it was) and you would have to be uber good to rewrite it (or at least that is what they were indicating). The basic thing I was getting at was why risk destroying the dll when you can use somethng like IISLockdown (provided free by microsoft to lock down their horrendously insecure default installations) that will do it for you...

    Neb
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  5. #5
    Junior Member
    Join Date
    Sep 2002
    Posts
    2
    If you just want to change banners and nothing else, for Windows IIS, SMTP, FTP services, then N-Stalker have some free tools for this at:

    http://www.nstalker.com/banners.php

    1nf1d3l

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •