Skip to main content

Detect webserver by ip

More
18 years 11 months ago #11711 by apit
Detect webserver by ip was created by apit
i've try a method to detect webserver by ip
one of the method is:

1-telnet to the server ip
2-when the black screen appear, enter this comand:
HEAD / HTTP/1.0
3-Then push enter button 2 times
4-The above info will display(example):

Date: Sat, 26 Nov 2005 04:18:31 GMT
Server: Apache/1.3.26 (Unix) mod_perl/1.24 ApacheJserv/1.1.2
Connection: close
Content-Type: text/html; charset=iso-8859-1


but not all the server we can view the info such yahoo and google and of course firewall.cx :wink:
what should we do to block userfrom view our server info by ip?
More
18 years 11 months ago #11712 by nske
Replied by nske on topic Re: Detect webserver by ip
This is apache's banner which is included at the http response header. You can commonly affect this in three ways:

1) Minimize the verbosity of the sent information through apache's configuration file (directive "ServerTokens"). This way only software's name ("Apache") will be returned, no additional information about modules and OS.
2) Edit Apache's source code (more specifically, SERVER_BASEVERSION in httpd.h).
3) Use Mod Security , which among many security enhancements, can also rewrite Apache's identity at the response header.
More
18 years 11 months ago #11715 by apit
Replied by apit on topic Re: Detect webserver by ip
1) Minimize the verbosity of the sent information through apache's configuration file (directive "ServerTokens"). This way only software's name ("Apache") will be returned, no additional information about modules and OS.

-can you give details about this..Not really understand

2) Edit Apache's source code (more specifically, SERVER_BASEVERSION in httpd.h).

-Do you mean httpd.h source code?
i'll search it here but cannot find the SERVER_BASEVERSION

3) Use Mod Security, which among many security enhancements, can also rewrite Apache's identity at the response header.

-i will study this website..thanks nske
More
18 years 11 months ago #11718 by nske
Replied by nske on topic Re: Detect webserver by ip
1) Directives are certain special words that can be defined in apache's configuration file (httpd.conf) and control various functionality aspects. Directives usually take one or more arguments or values after them. ServerTokens directive takes just one value next to it, which can be one of the keywords: "Full", "OS", Min", "Minor", "Major", "Prod". Each of them corresponds to a verbosity level of information that will be included in the response header, i.e. Full will include informations about OS, specific Apache version, loaded modules, etc, while "Prod" would only include the word "Apache" as a banner. You can find more information about ServerTokens and other important directives in apache's documentation, here .

But in short, you would have to include the line [code:1]ServerTokens Prod[/code:1] in httpd.conf to minimize the returned information.

2) You are right, in apache 2 this is defined in includes/ap_release.h. In apache 1.3 it used to be in httpd.h :)
More
18 years 11 months ago #12262 by apit
Replied by apit on topic Re: Detect webserver by ip
how to check our subnetmask?
let say www.firewall.cx...what is the subnetmask?
Time to create page: 0.127 seconds