According to Ivan Ristic: > I recently changed the signature of the Apache running on > modsecurity.org (to pretend to be IIS5). As a result, I've started > getting more IIS-related attacks than before. So, the signature > does matter.
I'm getting IIS-related attacks on my servers even without confguring an ISS server header. If everyone starts changing the server header to some funny name or to remove it completely, newer exploit tools won't bother to check it at all, but just try to exploit the server. ciao... -- Lars Eilebrecht - Quoting one is plagiarism. [EMAIL PROTECTED] - Quoting many is research.
