Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Port 443 Banner

3 views
Skip to first unread message

Morley Lee

unread,
May 6, 2008, 12:46:23 PM5/6/08
to
Does anyone know how to modify Port 443 banner for OWA? I know how to do it
for SMTP, Pop, etc. We just got an audit report done (see below) and they
suggest modifying the banner to not include

Issue 2: HTTP Server Type and Version
The HTTP server's type and version were able to be enumerated. Many exploits
rely on version information and many hack tools use the version information
as a guide for the attack. Where possible, it is the best practice to remove
or modify version information.
The assets affected by this issue are:
xyz.xyz.com:https (443/tcp)

Any help would be appreciated.
Thanks in advance,
Morley


Andy David {MVP}

unread,
May 6, 2008, 1:17:14 PM5/6/08
to
On Tue, 6 May 2008 11:46:23 -0500, "Morley Lee"
<mor...@netsys-tech.com> wrote:

>Does anyone know how to modify Port 443 banner for OWA? I know how to do it
>for SMTP, Pop, etc. We just got an audit report done (see below) and they
>suggest modifying the banner to not include

Fire the auditors.

artie lange

unread,
May 6, 2008, 1:22:37 PM5/6/08
to
Andy David {MVP} wrote:
> On Tue, 6 May 2008 11:46:23 -0500, "Morley Lee"
> <mor...@netsys-tech.com> wrote:
>
>> Does anyone know how to modify Port 443 banner for OWA? I know how to do it
>> for SMTP, Pop, etc. We just got an audit report done (see below) and they
>> suggest modifying the banner to not include
>
> Fire the auditors.

Splorf! Coffee all over my monitor! Damn and the keyboard is only 3
weeks old!

a@tleederbyshired.0.tc.0.m Lee Derbyshire [MVP]

unread,
May 6, 2008, 2:17:39 PM5/6/08
to
"Morley Lee" <mor...@netsys-tech.com> wrote in message
news:%23Ee0hj5...@TK2MSFTNGP06.phx.gbl...

Try this:
http://support.microsoft.com/kb/317741

Lee.

--
_______________________________________

Outlook Web Access for PDA, OWA For WAP:
www.leederbyshire.com
________________________________________


a@tleederbyshired.0.tc.0.m Lee Derbyshire [MVP]

unread,
May 6, 2008, 2:24:04 PM5/6/08
to
"Lee Derbyshire [MVP]" <email a@t leederbyshire d.0.t c.0.m> wrote in
message news:eLZW5V6r...@TK2MSFTNGP02.phx.gbl...

> "Morley Lee" <mor...@netsys-tech.com> wrote in message
> news:%23Ee0hj5...@TK2MSFTNGP06.phx.gbl...
>> Does anyone know how to modify Port 443 banner for OWA? I know how to do
>> it for SMTP, Pop, etc. We just got an audit report done (see below) and
>> they suggest modifying the banner to not include
>>
>> Issue 2: HTTP Server Type and Version
>> The HTTP server's type and version were able to be enumerated. Many
>> exploits rely on version information and many hack tools use the version
>> information as a guide for the attack. Where possible, it is the best
>> practice to remove or modify version information.
>> The assets affected by this issue are:
>> xyz.xyz.com:https (443/tcp)
>>
>> Any help would be appreciated.
>> Thanks in advance,
>> Morley
>
> Try this:
> http://support.microsoft.com/kb/317741
>
> Lee.

BTW, check to see if you already have a URLScan.ini file, before you install
it. If you have SBS, it will already be there.


0 new messages