18th Annual Computer Security Applications Conference
December 9-13, 2002
Las Vegas, Nevada

Detecting and Defending against Web-Server Fingerprinting

Dustin Lee
Montana State University
United States

Jeff Rowe and Karl Levitt
University of California, Davis
United States

Calvin Ko
Network Associates
United States

Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of fingerprinting and their application to the identification of Web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.

Keywords: Webserver Fingerprinting HTTP

Read Paper Read Paper (in PDF)