HTTP Fingerprinting
In principle, any item of information returned by the server may be
customized or even deliberately falsified, and banners like the Server
header are no exception. Some web server software includes a facility for
administrators to set an arbitrary value for the Server header. Further,
there are security products that use various methods to try to prevent a
web server’s software from being detected, such as ServerMask by Port80
Software.
Attempting to grab the server banner from Port80’s own web server does
not appear to disclose much useful information:
HEAD / HTTP/1.0
Host: www.port80software.com

HTTP/1.1 200 OK
Date: Sun, 04 Mar 2007 16:14:26 GMT
Server: Yes we are using ServerMask!
Set-Cookie: countrycode=UK; path=/
Set-Cookie: ALT.COOKIE.NAME.2=89QMSN102,S62OS21C51N2NP,,0105,N7; path=/
Cache-control: private
Content-Length: 27399
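
For an administrator auditing their own server, the following added example (not from the original text) parses the response shown above and lists what the head still exposes once the banner is masked: header order, header-name casing and cookie names. The function names and the name/version heuristic are assumptions of this example.

```python
import re

# Response head captured on the page, embedded so the example runs offline.
RAW = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Sun, 04 Mar 2007 16:14:26 GMT\r\n"
    "Server: Yes we are using ServerMask!\r\n"
    "Set-Cookie: countrycode=UK; path=/\r\n"
    "Set-Cookie: ALT.COOKIE.NAME.2=89QMSN102,S62OS21C51N2NP,,0105,N7; path=/\r\n"
    "Cache-control: private\r\n"
    "Content-Length: 27399\r\n"
    "\r\n"
)

# Heuristic (assumption of this example): a banner token shaped name/version.
VERSIONED = re.compile(r"^[A-Za-z][\w.-]*/\d[\w.]*$")


def parse_head(raw):
    """Return (status_line, [(name, value), ...]) with header order preserved."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.strip(), value.strip()))
    return lines[0], headers


def canonical(name):
    """Conventional Title-Case spelling, e.g. cache-control -> Cache-Control."""
    return "-".join(part.capitalize() for part in name.split("-"))


def audit(raw):
    """Summarise what the head exposes besides the Server banner."""
    _, headers = parse_head(raw)
    banner = next((v for n, v in headers if n.lower() == "server"), None)
    return {
        "banner": banner,
        "banner_has_version": bool(banner) and any(
            VERSIONED.match(tok) for tok in banner.split()),
        "header_order": [n for n, _ in headers],
        "odd_casing": [n for n, _ in headers if n != canonical(n)],
        "cookie_names": [v.split("=", 1)[0] for n, v in headers
                         if n.lower() == "set-cookie"],
    }
```

Calling audit(RAW) returns a dictionary; the masked banner carries no version token, while the other fields are unaffected by the banner change.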