Friday, February 08, 2008

ISAPI and IIS Server Header

IIS puts "Server:Microsoft-IIS6" or something like this string into the returned header from server in http. that is somehow a security hole because a person who is interested in doing bad things or anything to some server its first rule for them to learn what are they dealing with.

so I needed to close this way. I made a research but its kinda old old old articles everywhere and not most of them useful. here is my solution. at the end these is source code included for Xmask I tried to change this server header to something else like "Server:Mascix" but it did not work I dunno why but at the end it cleaned what I wanted :)

No comments:

C# scan cs file and find variables values and names

using Microsoft . CodeAnalysis ; using Microsoft . CodeAnalysis . CSharp ; using Microsoft . CodeAnalysis . CSharp . Syntax ; using Xunit . ...