| 94 |
| Change port banners in Windows 2000 Server |
| Through port banners, hackers can learn more about your machines than you want them to know. |
| This alone is incentive enough to want to change those banners. Unfortunately, changing port |
| banners varies according to service, so there isn't just one place you can go to change them all. Each |
| individual service requires special care. |
| However, Microsoft offers a method for changing the banner on your IIS server, and there are other |
| methods for changing banners on services such as Apache, FTP, and SMTP. |
| To change the banner on your IIS servers, you need the Web server running IIS and Urlscan, a |
| utility available free on the Microsoft Web site as part of the IIS Lockdown tool. When you have |
| these, take the following steps: |
| http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/urlscan.asp |
| Download and install Urlscan if it's not already installed. |
| Open the Urlscan.ini file in the %systemroot%\system32\inetsrv\urlscan folder. |
| Set the RemoveServerHeader line to 1 and save the file. |
| Restart the IIS by first typing "net stop w3svc" and then "net start w3svc" in the command prompt. |
| Changing banners in other services is more difficult. For Windows 2000, you can get some tools |
| that will hack the binary files and change the banners. (Note: Microsoft does not support this |
| method.) If you are using Exchange 2000 on Windows 2000, take a look at Microsoft Knowledge |
| Base articles Q303513 (How to Modify the POP or IMAP Banner) and Q281224 (How to Modify the |
| SMTP Banner). If you need utilities for Apache, IIS, FTP, and SMTP, take a look at N-Stalker's |
| Web site. N-Stalker is a digital security company. |
| http://www.nstalker.com/banners.php |
First Previous Next Last |