After two years in development, ServerMask for IIS 3.0 has been released and is ready for a test drive on your Windows IIS Web server!
This IIS security tool captures and obscures outbound HTTP header and other types of signatures used by hackers' network probe tools to determine what type of technology you are running -- and then target an exploit. Yes, you still need firewalls and IDS/IPS systems, but ServerMask will make your server less of a hacker target and will induce mistargeted exploits that bolster the security of your entire network.
Combined with the ServerMask ip100 and IP1000 appliances, which provide anti-recon and intrusion defense at the TCP/IP layer in an appliance form factor, ServerMask for IIS 3.0 brings full server anonymization to IIS, including detailed HTTP response-code specific signature masking and support for safely serving sites with no file extensions (including a handy, freeware command line file extension stripper to get you started). More than an update, ServerMask for IIS 3.0 is a completely new application and worth taking another look at...
A soon-to-be-released case study on the U.S. General Services Administration’s deployment of all ServerMask security solutions will highlight the premier U.S. government purchasing agency’s success with the technology -- defeating over 1,300 exploits with ServerMask in a recent external security audit! More to come on this great example of ServerMask in action at the GSA!
Please take ServerMask for IIS 3.0 for spin, and let us know what you think.
It’s time to make it a bit harder for hackers scanning your network to find what they are looking for: a way in with a friendly “Microsoft-IIS/6.0” welcome sign. Mask those Web servers, folks.
Best regards,
Port80 Software