> Anyone know of an easy/fast way to stop apache from spilling its' > guts when > it gets scanned? >
Taken from: http://www.intersectalliance.com/projects/ApacheConfig/ApacheConfig-2.0.html By default, the Apache server includes a significant amount of information in the reply header of each http request. This reply information is not used by the client's browser, and can be used by automated attack tools to exploit server-specific vulnerabilities. Although the information can usually be inferred by a competent end user through other means, a minor configuration change of the ServerTokens option to "Prod", will reduce the server's exposure to more automated attacks.
