SAN DIEGO, Calif., - October 30, 2002 — Port80 Software, Inc., an innovative developer of software modules for Microsoft's Internet Information Server (IIS), launches ServerMask 2.0, a new Web server module that hides or obscures the identity of a Windows Web server from the majority of potential hackers. ServerMask 2.0 proactively enhances Web server security against hacking & server-specific exploits by masking telltale signs that Windows IIS is running on a Web server, effectively making the server anonymous to potential intruders.
"With over 43,000 attempted exploits against Windows systems in 2002 so far*, companies are looking for effective solutions to combat the ongoing danger of unwanted intrusion and hacking into sites and Web servers," said Joseph Lima, COO of Port80 Software. "Server anonymization does not imply that a Web server is 'hacker proof', but why expose the obvious signals that you are running Windows IIS -- a Web server with known vulnerabilities and a favorite hacker target? With ServerMask 2.0 and a few logical security steps, you will be on the road to hiding your server's identity."
ServerMask 2.0 removes or modifies unnecessary response data. The software provides control over what Server header data, if any, is visible in HTTP responses. Session cookie masking, a unique feature not available in any other software, permits the customization of any type of session cookie (including the Windows-specific ASP session cookie). ServerMask 2.0 can emulate the Apache Web server's HTTP header order and disable Microsoft WebDav with one click to suppress its multiple identifiable headers. It also removes the Windows-specific Public header from HTTP responses, a relic of HTTP 1.0 seldom used today, and converts the Windows SMTP banner to any message.
ServerMask 2.0 is a fast, robust IIS module that can be installed and configured in less than two minutes. It has a small memory footprint (279KB for an ISAPI filter and MMC snap-in extension), a super fast ISAPI filter with no noticeable server performance impact, and is easy to configure with MMC interface. The IIS server module is a convenient, cost effective solution to discourage low-level crackers and baffle their malicious scripts that try to discover a Windows Web technology platform.
ServerMask 2.0 runs on Windows NT, 2000 and XP with IIS 4.0, 5.0 and 5.1 and is compatible with major third party server-side scripting platforms and the Microsoft IISLockdown & URLScan solutions. The new IIS server module is available for a free 30 day trial download and $49.95 for a permanent single server license at www.port80software.com.
*According to CERT.org.