06-24-2010 09:56 AM - edited 03-11-2019 11:03 AM
Is there a way within the ASA that I can block or disable the http header information obtained during external scans? Specifically the http server version 1.0 etc.
06-24-2010 10:41 AM
"no http server enable" will stop the ASA from doing HTTP.
Not if you are doing webvpn then you can't avoid it responding to HTTP requests.
I hope it helps.
PK
06-24-2010 10:45 AM
pkampana: We are indeed using the webvpn functionality within the appliance for ssl remote access sessions. Do you know if there is any documentation that supports this position? It can't be disabled in other words? I have not been able to find it. Thanks a million for your response also!
06-24-2010 09:00 PM
There is no documentation (other than this post) that indicates that the version in the ASA's web server can't be
removed/disabled.
However, please be aware that the ASA web server is custom built, for a very specific capability (management and webvpn), and as such generally doesn't suffer from any of the vulnerabilities that exist in standard web servers.
Sincerely,
David.
06-29-2010 07:49 AM
Thank you for the follow up information David! Great information and Forum.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: