Port80 Software

IIS and Network Stealth Checklist

ServerMask obscures and secures HTTP signatures or fingerprints that hackers use to identify and attack Web sites and applications. Even with ServerMask deployed, you should do a few more things to anonymize your server for a complete defense-in-depth security profile. We recommend the following security measures:

  • Default pages of all kinds and the location of default pages often contain clues to server identity. These elements should be reviewed and removed or modified accordingly.
  • The default Windows FTP server presents a known banner, so use an alternate FTP server like RhinoSoft's Serv-U that can change the FTP banner display.
  • Get CustomError: Customized error pages, easily deployed with CustomError, will avoid displaying server-specific error messages that can be identified.
  • Avoid using "Integrated Windows Authentication" in IIS Security settings.
  • Of course, no amount of Web server anonymization will help if you don't have a well-administered firewall!
  • Get LinkDeny: Block bad requests, image and file leeching, cut and redirect traffic by country or HTTP details, and get access control with LinkDeny.
  • Get a ServerDefender: Protect the Web, application and database layers from hacker attacks directly with a ServerDefender Web application firewall built for IIS.
  • For more on these and other network and IIS security issues, please review the Port80 articles on HTTP and Web server anonymization and network anti-reconnaissance.
There are many aspects to consider when making your server invisible to attackers for anti-reconnaissance. ServerMask, used in concert with the above recommendations, will mask your Web server and network identity from the great majority of intruders, script kiddies, and automated attacks.
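To verify the checklist on a server you administer, the following added example (not Port80's code) audits a captured HTTP response and an FTP greeting for the identity leaks listed above: identifying headers, Integrated Windows Authentication challenges, stock error pages, and the default FTP banner. The header names, body patterns, and sample captures are illustrative assumptions constructed for this example, not an exhaustive signature set.

```python
import re
from email.parser import Parser

# Illustrative patterns (assumptions for this example, not an exhaustive list).
IDENTIFYING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
BODY_MARKERS = re.compile(
    r"Internet Information Services|IIS \d+(\.\d+)? Detailed Error", re.I)
IWA_SCHEMES = {"ntlm", "negotiate"}


def audit_http_response(raw: str) -> list[str]:
    """Return findings for one raw HTTP response (status line, headers, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    status_line, _, header_block = head.partition("\n")
    parts = status_line.split()
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    headers = Parser().parsestr(header_block, headersonly=True)

    findings = []
    for name in IDENTIFYING_HEADERS:
        for value in headers.get_all(name, []):
            findings.append(f"header:{name}={value.strip()}")
    # Integrated Windows Authentication shows up as NTLM/Negotiate challenges.
    for value in headers.get_all("www-authenticate", []):
        tokens = value.split()
        if tokens and tokens[0].lower() in IWA_SCHEMES:
            findings.append(f"auth:{tokens[0].lower()}")
    # Server-specific error text only matters on error responses.
    if status >= 400 and BODY_MARKERS.search(body):
        findings.append(f"error-page:{status}")
    return findings


def audit_ftp_banner(banner: str) -> list[str]:
    """Flag the stock Windows FTP greeting in a 220 banner line."""
    return ["ftp-banner:default"] if "microsoft ftp service" in banner.lower() else []


# Constructed sample captures (not taken from any real server).
STOCK = ("HTTP/1.1 401 Unauthorized\r\nServer: Microsoft-IIS/6.0\r\n"
         "X-Powered-By: ASP.NET\r\nWWW-Authenticate: Negotiate\r\n"
         "WWW-Authenticate: NTLM\r\nContent-Type: text/html\r\n\r\n"
         "<html><body>Internet Information Services</body></html>")
HARDENED = ("HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n"
            "<html><body>The page you requested was not found.</body></html>")

if __name__ == "__main__":
    for label, capture in (("stock", STOCK), ("hardened", HARDENED)):
        print(label, audit_http_response(capture))
    print("ftp", audit_ftp_banner("220 Microsoft FTP Service"))
```

An empty findings list for every sampled URL, including deliberately broken ones that trigger error pages, is the target state.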

Port80 Software
5252 Balboa Ave, Suite 707 San Diego, CA 92117
858.268.7960 tel | 858.268.7760 fax | 888.4PORT80 toll free
info@port80software.com