Methods To Grab Banners




I hope you enjoyed reading the last post on banner grabbing. In this post we will discuss some tools that can be used to grab banners, and we will also look at some tools that can be used to prevent our banners from being grabbed. The following are some tools that help in banner grabbing.
NetCat:
Netcat is a TCP/IP debugging tool that can be used for banner grabbing. Download Netcat from its official site; it's free. Have a look at its documentation to see how to use it. The following command makes Netcat work the same way as telnet and helps grab the banner.

C:\netcat\>nc ip_address 80
(Press Enter twice; if that doesn't work, type the following)
(HEAD / HTTP/1.0 and press Enter twice)
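
Added example, not part of the original post: a small Python audit for a server you operate. It sends the same HEAD request shown above, parses the reply, and reports which headers disclose a product name or version string. The header list, function names and both sample responses are assumptions constructed for illustration.

```python
import re
import socket

# Assumed list of headers that commonly carry product or version strings.
DISCLOSING = ("server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")  # dotted version such as 2.4.41

def fetch_head(host, port=80, timeout=5.0):
    """Send the HEAD request from the Netcat session and return the raw reply."""
    request = f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii")
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        data = b"".join(iter(lambda: sock.recv(4096), b""))
    return data.decode("iso-8859-1")

def parse_headers(raw):
    """Split a raw HTTP response into (status_line, [(name, value), ...])."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers

def audit(raw):
    """Return (header, value, severity) for every header that discloses a banner."""
    _, headers = parse_headers(raw)
    findings = []
    for name, value in headers:
        if name in DISCLOSING and value:
            severity = "version" if VERSION_RE.search(value) else "product"
            findings.append((name, value, severity))
    return findings

# Constructed sample responses (not captured from a real host).
SAMPLE_DEFAULT = ("HTTP/1.1 200 OK\r\nDate: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
                  "Server: Apache/2.4.41 (Ubuntu)\r\nX-Powered-By: PHP/7.4.3\r\n"
                  "Content-Type: text/html\r\n\r\n")
SAMPLE_HARDENED = ("HTTP/1.1 200 OK\r\nDate: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
                   "Server: Apache\r\nContent-Type: text/html\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(label, audit(raw))
```

Run audit(fetch_head("your.own.host")) before and after a hardening change; any remaining "version" finding is a header still giving out a version string.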

Httprint:
Httprint is a web server fingerprinting tool. It uses server signatures to identify the version of the web application running on the server. Download it from its official site; again, it's free. I don't think there is a need to explain how it works since its own help documentation is very small and easy to understand. Give it a try, and if you still don't understand how to use it, ask me. I'll include a new post on it.

Miart HTTP Header:
The Miart HTTP Header tool identifies banner information from the HTTP header and response type. Using it doesn't require any skill: just enter the URL in the input box and press Enter.

Prevention Against Banner Grabbing:

Preventing Apache Server And Its Derivative:
We can't say that there is a specific tool or method that stops Apache's banner from being grabbed, but if you have a look at its documentation, you'll find it's not difficult either. Full information about problems related to Apache and its derivatives, and their solutions, is included in the documentation, and it differs for each version. Since it differs for each version, I recommend reading the documentation to stop Apache from giving out valuable information.

Preventing IIS Server:
IIS has some advantages over Apache, since various tools are available that help an IIS server defend itself against banner grabbing.

IIS Lockdown:
It works by turning off unnecessary features, thus providing multiple layers of protection. Download it from www.microsoft.com.

Server Mask:
Server Mask removes every detail from the website that reveals it is using an IIS server, including all fingerprinting traces. It removes HTTP headers and also encrypts signatures, thus providing protection against signature-based banner grabbing.

Page Xchanger:
It is a content negotiation tool. It strips extensions from all URLs, making them appear cleaner and more navigable. It negotiates with every file and extension, making the site more secure since your site will show nothing about files, extensions and default error messages.
