Security Basics mailing list archives
MS IIS Urlscan - Preventing OS Detection
From: "Tom Milliner" <tom.milliner () verizon net>
Date: Wed, 25 Feb 2004 11:47:37 -0600
Incidentally, you can disguise your MS IIS web server to make it appear to be an Apache web server, BUT if you had used Urlscan, the fact that you ran Urlscan can be seen by certain scanning type tools. If the scanner knows you ran Urlscan, a MS product which hardens their IIS product, then they know that your system is MS IIS. I don't have more details on this (I heard it from a reliable source), but maybe someone can verify it and explain it. Tom Milliner, CPA, MCSE, CNE 2404 Summer Place Dr. Irving, TX 75062 Day: (214) 540-2741 tom.milliner () verizon net --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Preventing OS Detection, (continued)
- RE: Preventing OS Detection Tiago Halm (Feb 27)
- Re: Preventing OS Detection Vincent (Feb 24)
- RE: Preventing OS Detection Jim Laverty (Feb 25)
- RE: Preventing OS Detection Joey Peloquin (Feb 24)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- RE: Preventing OS Detection Joey Peloquin (Feb 27)
- RE: Preventing OS Detection Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- RE: Preventing OS Detection Hagen, Eric (Feb 24)
- Re: Preventing OS Detection Naren (Feb 25)
- FW: Preventing OS Detection check (Feb 25)
- MS IIS Urlscan - Preventing OS Detection Tom Milliner (Feb 25)