Know the Windows OS version from IIS
| IIS Version | Windows Version |
|---|---|
| IIS4 | NT4 + Expansion pack |
| IIS5 | Windows 2000 server or workstation |
| IIS6 | Windows XP, Vista, 2003 Server |
| IIS7 | 2008 Server, Windows7 |
| IIS7.5 | 2008 Server R2 |
| IIS8 | 2012 Server, Windows8 |
Webserver obfuscations
IIS lockdown tool
Servermask
mod_headers in httpd.conf
"SerferSignature OFF"
Display false banners
Cypher's
Stream Cypher
Encrypt a stream of data (1bit only) good example is the ENIGMA encryption
Block Cypher
Encrypt a fixed block size of data (DES, AES)
Popular due to the inventors of DES. (IBM and NSA) Ment to be very fast as being able to build into ASSIC's.
Was cracked one year after release.
Today only 3DES should be used, if it must be DES at all.