Changing the server name Sun One Web Server reports


I am a big fan of the Sun One Web Server, although I dislike the fact that it provides the server software and version by default in the HTTP header:

    $ telnet localhost 80
    Trying 127.0.0.1...
    Connected to localhost.localdomain (127.0.0.1).
    Escape character is '^]'.
    HEAD / HTTP/1.0

    HTTP/1.1 200 OK
    Server: Sun-ONE-Web-Server/6.1
    Date: Fri, 23 Feb 2007 22:41:21TGMT:00-04:00
    Content-length: 179
    Content-type: text/html
    Last-modified: Tue, 20 Feb 2007 14:30:21 GMT
    Accept-ranges: bytes
    Connection: close

    Connection closed by foreign host.

This gives out more information than I care to share, and provides remote attackers with an extra piece of information to determine the software stack that is in use. Luckily the value reported in the “Server” header can be changed by adding the “ServerString” directive to magnus.conf. Here is a sample magnus.conf entry that sets the “Server” header to the string “Apache”:

ServerString Apache

Once this directive is set, the web server will return the string “Apache” instead of the string “Sun-ONE-Web-Server/6.1”:

    $ telnet localhost 80
    Trying 127.0.0.1...
    Connected to localhost.localdomain (127.0.0.1).
    Escape character is '^]'.
    HEAD / HTTP/1.0

    HTTP/1.1 200 OK
    Server: Apache
    Date: Fri, 23 Feb 2007 22:43:58TGMT:00-04:00
    Content-length: 179
    Content-type: text/html
    Last-modified: Tue, 20 Feb 2007 14:30:21 GMT
    Accept-ranges: bytes
    Connection: close

    Connection closed by foreign host.
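To check the change without reading telnet output by eye, the following added example (not code from the original post) compares the ServerString value in magnus.conf with the Server header in a captured response and reports any product/version token still being disclosed. The function names, the sample inputs, and the assumption that a magnus.conf directive is a line of the form "Name value" are illustrative.

```python
import re

# Constructed sample inputs, modelled on the two responses shown in the post.
BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Sun-ONE-Web-Server/6.1\r\n"
    "Content-length: 179\r\n"
    "Connection: close\r\n\r\n"
)
AFTER = BEFORE.replace("Sun-ONE-Web-Server/6.1", "Apache")
CONF = "# constructed magnus.conf fragment\nServerString Apache\n"

# A product token optionally followed by "/version", e.g. Sun-ONE-Web-Server/6.1
PRODUCT = re.compile(r"([^\s/()]+)(?:/(\S+))?")

def server_header(raw_response):
    """Return the Server header value from a raw HTTP response, or None."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None

def configured_server_string(conf_text):
    """Return the first ServerString value in magnus.conf text, or None."""
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 1)      # assumed form: "Name value"
        if len(parts) == 2 and parts[0] == "ServerString":
            return parts[1].strip()
    return None

def audit(conf_text, raw_response):
    """List findings about what the Server header still discloses."""
    findings = []
    configured = configured_server_string(conf_text)
    observed = server_header(raw_response)
    if configured is None:
        findings.append("ServerString not set in magnus.conf")
    if observed is None:
        return findings
    if configured is not None and observed != configured:
        findings.append(f"header {observed!r} differs from ServerString {configured!r}")
    for product, version in PRODUCT.findall(observed):
        if version:
            findings.append(f"version disclosed: {product} {version}")
    return findings
```

A mismatch between the configured and observed values usually means the response was captured before the server picked up the new magnus.conf.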

Tis all about not disclosing information if you don’t have to!

This article was posted by Matty on 2007-02-23 18:47:00 -0400