httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dan Poirier <>
Subject [users@httpd] Re: Fixing HTTP Service / Server Version Detected
Date Wed, 10 Jun 2009 12:35:30 GMT
Eric Covener <> writes:

> On Wed, Jun 10, 2009 at 7:53 AM, Singh, Sukhjeet
> <> wrote:
>> The server allows capture of the HTTP service banner. Service banners can
>> contain sensitive information, such as application and Operating System (OS)
>> version numbers. An attacker can use the version information from your Web
>> server to determine if there are any known vulnerabilities present, or can
>> use such information to create attacks towards the specific application or
>> OS.

Sukhjeet, you can hide this information, but I wouldn't think it would
make your server any more secure.  Most attackers will probably just try
a bunch of known vulnerabilities without even looking at the OS and

Dan Poirier <>

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message