Security Basics mailing list archives

MS IIS Urlscan - Preventing OS Detection

From: "Tom Milliner" <tom.milliner () verizon net>
Date: Wed, 25 Feb 2004 11:47:37 -0600

Incidentally, you can disguise your MS IIS web server to 
make it appear to be an Apache web server,  BUT if you
had used Urlscan,  the fact that you ran Urlscan can be
seen by certain scanning type tools.  If the scanner knows
you ran Urlscan, a MS product which hardens their IIS
product, then they know that your system is MS IIS.  

I don't have more details on this (I heard it from a reliable
source), but maybe someone can verify it and explain it.  

Tom Milliner, CPA, MCSE, CNE
2404 Summer Place Dr.
Irving, TX  75062
Day:  (214) 540-2741
tom.milliner () verizon net
 
 


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RE: Preventing OS Detection, (continued)
- - RE: Preventing OS Detection Tiago Halm (Feb 27)
- Re: Preventing OS Detection Vincent (Feb 24)
  - RE: Preventing OS Detection Jim Laverty (Feb 25)
- RE: Preventing OS Detection Joey Peloquin (Feb 24)
  - RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
    - RE: Preventing OS Detection Joey Peloquin (Feb 27)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
  - Re: Preventing OS Detection Naren (Feb 25)
- FW: Preventing OS Detection check (Feb 25)
  - MS IIS Urlscan - Preventing OS Detection Tom Milliner (Feb 25)