From: thalm at netcabo.pt (Tiago Halm)
Subject: [ANNOUNCE]: IISBanner 1.1 released

I would not view IISBanner usage as such.

IISBanner works **exactly** the same way as URLScan in respect to "Server"
response header customization.
The only "advantage" (some may view it as an advantage) is the fact that it is
open-source and provides a way to understand programmatically how that same
customization is done.

From another perspective, if one wishes only to change or remove the "Server"
response header, which by itself helps an IIS Web Server (and respective
logfiles) to avoid getting hit by Nimda and CodeRed infected machines,
then IISBanner is much more performant than URLScan since it only provides
that same feature.

Hope it helps!

Cheers,
Tiago Halm

-----Original Message-----
From: Javier Liendo [mailto:javier@...ndo.net] 
Sent: Friday, 4 July 2003 15:51
To: Tiago Halm; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] [ANNOUNCE]: IISBanner 1.1 released


hello 

what are the pro/cons of using IISBanner versus the AlternateServerName or
RemoveServerHeader directive of the URLScan tool?

regards

javier

--- Tiago Halm <thalm@...cabo.pt> wrote:
> Hi all,
> 
> IISBanner was totally re-coded and is now
> configurable and fully performant.
> See details below...
> 
> 
> ============== IISBanner ==============
> 
> Author: Tiago Halm
> Version: 1.1
> Platforms: Windows (IIS)
> License: BSD
> 
> - Introduction
> - Description 
> - Configuration 
> - Notes 
> - Notes for version 1.0 
> - Download 
> 
> 
> Introduction
> ---------------
> ISAPI Filters are the only "safe" way of managing (changing, altering,
> customizing) some of the core parts of IIS.
> Customizing the "Server" response header is one of those tasks. While
> altering the "Server" response header may be useful from a security
> perspective by disguising the web server banner (security by obscurity),
> keep in mind that there are much more powerful ways of detecting a server
> type using tools like nmap.
> 
> 
> Description
> --------------
> IISBanner is an IIS ISAPI Filter that can be used to specify a replacement
> for IIS's built in "Server" header, or even to instruct IIS to not use the
> "Server" response header altogether.
> The configuration is made by an .ini file, namely "IISBanner.ini".
> This configuration file must reside in the same directory as IISBanner.dll.
> 
> 
> Configuration
> -----------------
> The configuration file contains 2 options:
> 
> Name: RemoveBanner
> Values: 0 or 1
> Description:
> - If 1, then the "Server" response header is removed, meaning that all IIS
>   responses will not contain any "Server" header, and the ChangeBanner option
>   is ignored;
> - If 0, then the "Server" response header is not removed and the
>   ChangeBanner option may be used;
> - If commented, then its value defaults to 0;
>
> Name: ChangeBanner
> Values: Any string up to 255 characters
> Description:
> - If string is empty, then IIS's built in "Server" response header remains
>   unchanged;
> - If string is not empty, then the "Server" response header will be changed
>   to that same value;
> - If commented, then its value defaults to empty string;
> 
> 
> Notes
> --------
> - Installation of this ISAPI Filter must be done at the WebServer level;
> - The ISAPI runs at low priority;
> - IIS's performance is NOT affected by this ISAPI Filter. Any stress test
>   will reveal that the number of HTTP requests remains unaffected with
>   or without IISBanner;
> - DLL size is now 20Kb (compiled without default libraries);
> - IISBanner is installed at http://www.kodeit.org and may be viewed by a
>   network sniffer at each HTTP response received, or through this simple VBS
>   script:
> __________________________________________________________
> ' Send a HEAD request and print all response headers, including "Server"
> Set oHTTP = WScript.CreateObject("Microsoft.XMLHTTP")
> Call oHTTP.Open("HEAD", "http://www.kodeit.org", False)
> Call oHTTP.Send()
> WScript.Echo oHTTP.GetAllResponseHeaders()
> Set oHTTP = Nothing
> __________________________________________________________
> 
> 
> Notes for version 1.0
> --------------------------
> The first version of IISBanner was ONLY demonstrative and it suffered from
> performance issues. Although download of version 1.0 is still available, it's
> recommended the use of version 1.1 for any real installation.
> 
> Download
> ------------
> IISBanner can be viewed at http://www.kodeit.org/utils/iisbanner.htm
> 
> Version 1.1
> Binary: http://www.kodeit.org/utils/iisbanner.1.1.zip
> Source: http://www.kodeit.org/utils/iisbanner_src.1.1.zip
> 
> Version 1.0
> Binary: http://www.kodeit.org/utils/iisbanner.1.0.zip
> Source: http://www.kodeit.org/utils/iisbanner_src.1.0.zip
> 
> 
> Comments, this time, are very welcome!
> 
> Regards,
> Tiago Halm
> http://www.kodeit.org
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
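
An added example, not part of the original messages and not IISBanner's own code: Python that models the two IISBanner.ini options as the quoted announcement describes them and checks a captured response header block (such as the output of the VBS script) against the "Server" value the configuration should produce. The `;` comment marker, the skipping of `[...]` section lines, the rejection of out-of-range values, and the sample banner strings are assumptions.

```python
# Added example (not IISBanner's source): models the two documented options
# and audits a captured response header block against them.
DEFAULTS = {"RemoveBanner": "0", "ChangeBanner": ""}

def parse_options(ini_text):
    """Commented-out or missing options keep their documented defaults."""
    opts = dict(DEFAULTS)
    for raw in ini_text.splitlines():
        line = raw.strip()
        # Assumption: ';' starts a comment and '[...]' is a section header.
        if not line or line.startswith((";", "[")):
            continue
        key, sep, value = line.partition("=")
        if sep and key.strip() in opts:
            opts[key.strip()] = value.strip()
    # Assumption: out-of-range values are treated as configuration errors.
    if opts["RemoveBanner"] not in ("0", "1"):
        raise ValueError("RemoveBanner must be 0 or 1")
    if len(opts["ChangeBanner"]) > 255:
        raise ValueError("ChangeBanner is limited to 255 characters")
    return opts

def expected_server(opts, builtin):
    """Return the banner a client should see, or None when it is removed."""
    if opts["RemoveBanner"] == "1":
        return None                      # ChangeBanner is ignored
    return opts["ChangeBanner"] or builtin

def server_values(raw_headers):
    """All 'Server' values in a raw header block (names are case-insensitive)."""
    found = []
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            found.append(value.strip())
    return found

def audit(ini_text, raw_headers, builtin):
    """True when the captured response matches what the config should produce."""
    want = expected_server(parse_options(ini_text), builtin)
    return server_values(raw_headers) == ([] if want is None else [want])

# Constructed sample data, not captured from a real server.
BUILTIN = "Microsoft-IIS/5.0"
INI = "; RemoveBanner=1\nRemoveBanner=0\nChangeBanner=WebServer\n"
RESPONSE = "HTTP/1.1 200 OK\r\nServer: WebServer\r\nContent-Length: 0\r\n\r\n"
UNFILTERED = "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\n\r\n"

if __name__ == "__main__":
    print(audit(INI, RESPONSE, BUILTIN), audit(INI, UNFILTERED, BUILTIN))
```

Running the audit against every site on the server shows whether the filter is really loaded at the web server level, since a response that still carries the built-in banner fails the check.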

