ID Serve Tells All, How to Fake it Out?

• From: "Craft, Steve" <SCraft@xxxxxxxxxxx>
• To: "'isalist@xxxxxxxxxxxxx'" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 3 Mar 2002 19:06:26 -0500

I just pointed ID Serve from grc.com at some development stuff and I got the
response below.  I am web-publishing a server behind the ISA box.  It looks
like the ISA is not only telling me that it is publising something, but that
it is also running IIS.....  Not very good obscurity.  Is there a way I can
edit the HTTP headers on the ISA box to (1) make it not say who/what it is
and (2) mask that it (or anything behind it) is IIS?

Thanks.

HTTP/1.1 200 OK
Via: 1.1 ISADV1
Connection: close
Proxy-Connection: close
Content-Length: 146
Date: Sun, 03 Mar 2002 23:59:58 GMT
Content-Location: http://dmz.com/index.html
Content-Type: text/html
Server: Microsoft-IIS/5.0
Accept-Ranges: bytes
Last-Modified: Sat, 12 Jan 2002 18:42:47 GMT
ETag: "cdf1e7ed989bc11:8c0"
Query complete.

Other related posts:

• » ID Serve Tells All, How to Fake it Out?
• » Re: ID Serve Tells All, How to Fake it Out?
• » Re: ID Serve Tells All, How to Fake it Out?
• » Re: ID Serve Tells All, How to Fake it Out?
• » Re: ID Serve Tells All, How to Fake it Out?
• » RE: ID Serve Tells All, How to Fake it Out?
• » RE: ID Serve Tells All, How to Fake it Out?

1. Home
2. isalist
3. Archive
4. 03-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---