Cloak and Dagger Security: Hide and Protect your Server

Posted: March 22nd, 2010 | Filed under: IIS & HTTP, Web Security Tools

Typically, the first step toward hacking a particular site is learning all there is to know about it, including what type of server it is hosted on. Server anonymization is a method of enhancing a host's security by removing the ability of hackers and other intruders to obtain identifying information about a system, such as the vendor and version of its OS and of any applications that might be running on it. This kind of information is enormously useful to people or programs that access hosts with malicious intent.


PCI DSS 6.5.6

Posted: January 20th, 2010 | Filed under: IIS & HTTP, Web Security Tools

Information Leakage and Improper Error Handling

Information leakage and improper error handling happen when web applications do not limit the amount of information they return to their users. Web applications can leak the version of the web server you are running (IIS, Apache, etc.), the operating system, patch levels, and the names and versions of the web applications (PHP, SSL, SQL) your site may be utilizing. This in itself is a significant security weakness, and so is showing detailed errors or debug code.