118 Chapter 5 ■ Scanning Networks
If you look closely at Figure 5.6, you will notice that the line marked server contains
information on the type of server itself. You’ll find this information useful in targeting your
attack.
Telnet is not the only way to gather this information, but it is the most basic and
straightforward method available. Here are some other tools that you should take a
moment to browse:
Netcraft: This is an online tool designed to gather information about servers and web
servers. We saw this tool back in the footprinting phase, but it is also useful here.
Xprobe: This is a Linux utility that can retrieve information about a system and provide it
to the collector.
p0f: This utility is available on the Linux platform; it analyzes the traffic passing back and
forth from client to server. It provides real-time analysis of traffic that can be viewed on
screen or saved to a file for later analysis.
Countermeasures
So how can you counter the grabbing of banners from exposed resources? There are a few
options available that you can deploy.
First, disable or change the banner that the server is exposing. Since we have been
looking at various services, it is worth noting that many can have their information
changed. For example, in the case of Internet Information Server (IIS), it is possible to
remove or alter the contents of the banner so the system does not appear to be the same to
scans or banner grabs. Utilities such as IIS Lockdown, ServerMask, and others can remove
this valuable information.
Servers such as IIS and Apache have unique ways of stripping out banner
information, and this varies by version. I will avoid discussing the specifics
of each here and leave the research of how to do this on each version up
to you.
Second, it is possible to hide file extensions on systems such as web servers. The purpose
of this technique is to hide the technology used to generate the web pages. Technologies
such as ASP.NET and JavaServer Pages (JSP) can be readily identified by viewing their file
extensions in the web browser. Removing this detail makes for one more obstacle that an
attacker must overcome to get into the inner workings of a server. Technologies such as
PageXchanger for IIS are designed to assist in the removal of page extensions.
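To confirm that both countermeasures took effect, you can audit your own server's responses for leftover disclosure. The following is an added example, not code from this book: the header list beyond Server, the extension list, and the two sample responses are assumptions constructed for illustration.

```python
import re

# Headers that commonly disclose server technology. Server is the banner
# discussed above; the other two are real headers emitted by some stacks.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
# Extensions that reveal the page-generation technology (assumed list).
TECH_EXTENSIONS = (".aspx", ".asp", ".jsp", ".php")
VERSION_RE = re.compile(r"\d+(\.\d+)+")

def parse_response(raw):
    """Split a raw HTTP response into (lower-cased headers dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers, body

def audit(raw):
    """Return a list of disclosure findings for one response."""
    headers, body = parse_response(raw)
    findings = []
    for name in DISCLOSING_HEADERS:
        value = headers.get(name)
        if value is None:
            continue
        kind = "version" if VERSION_RE.search(value) else "product"
        findings.append(f"{name} discloses {kind}: {value}")
    # Links, forms and scripts in the body can still expose the technology.
    for url in re.findall(r'(?:href|action|src)="([^"]+)"', body):
        path = url.split("?", 1)[0].split("#", 1)[0].lower()
        if path.endswith(TECH_EXTENSIONS):
            findings.append(f"extension exposed in link: {url}")
    return findings

# Constructed sample responses (not captured from any real server).
BEFORE = ("HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/7.5\r\n"
          "X-Powered-By: ASP.NET\r\nContent-Type: text/html\r\n\r\n"
          '<a href="/account/login.aspx?next=/">Sign in</a>')
AFTER = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
         '<a href="/account/login?next=/">Sign in</a>')

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(raw) or "no disclosure found")
```

An empty result for the hardened response shows that neither the banner nor the page extensions identify the platform any longer.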