My long-time favorite is server="Microsoft-IIS/5.0" ;-). "Mark Thomas" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > No idea. Try "", " ", "Tin foil hats R us" or something similar. I am not > even sure this is why your scanner is reporting a problem. > > Mark > > Gao, Frank wrote: >> What the server parameter value should be in order to pass the security >> scan? >> -----Original Message----- >> From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Friday, June 10, 2005 >> 2:14 PM >> To: Tomcat Users List >> Subject: Re: Tomcat Web Server "ServerTokenNotSet" Vulnerability >> >> Try setting the server parameter on the connector. See >> http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html >> >> Mark >> >> Gao, Frank wrote: >> >>>Hi, >>>I have a Tomcat 5.5.7 standalone webserver running on my machine, >> >> recently >> >>>I got a security scan warning of "ApacheServerTokenNotSet". >>> Does anyone know how to configure the Tomcat 5.5.7 to pass this security >>>scan? I know there is a 'ServerTokens' directive for Apache Web Server >>>that I can use to limit the information giving out. But I cann't >> >> find >> >>>anything similar on Tomcat Web Server. >>> >>>Anyone has any idea about this? >>> >>>Thanks, >>> >>>Frank >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]