As promised I have some output from my server, I editid some of it like the Basic Auth I changed and my acutal domain. Trhying to be as secure as posible as I am learning alot about security here.

I realy apreciate your responces, this was bafeling me for about a week asi tryed to spoof my information netcraft seemed to always catch everything. The tools you mention should help me alot, going to download them and bookmark them for the future. As mentioned the server I run is keyfocus www.keyfocus.net its actualy quite easy to set up and configureation all done through a gui interface though I could manualy edit the config.

Will definately check out those tools you mention especialy IDserv sounds interesting, had some problems getting snort to work but finaly got some output. I also tryed proxomitron as i remembered it had a log window. Here is the output of proxomitron:

GET / HTTP/1.0
Accept: */*
Accept-Language: en-us
If-Modified-Since: Mon, 05 May 2003 19:10:06 GMT; length=1233
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Avant Browser [avantbrowser.com]; Crazy Browser 1.0.5; (R1 1.3))
Host: faked.spoofd.org:9077
Pragma: no-cache
Authorization: Basic c3Bvb2ZlZA==
Connection: keep-alive
Accept-encoding: gzip, deflate
Browser reload detected...

+++RESP 1+++
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 643
Content-Type: text/html
Date: Sun, 18 May 2003 16:43:04 GMT
Last-Modified: Mon, 05 May 2003 19:10:06 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Vary: Accept-Encoding
My snort output atached