Banner grabbing is a reconnaissance technique used by attackers and security teams alike to learn what software a networked host is running and which services listen on its open ports. A banner is the text a server or service returns (in an HTTP response header, an SMTP or SSH greeting, and so on) that identifies the product and often its exact version. Collecting that information (name, version and similar details) lets an attacker match the host against known weaknesses and pick out insecure or outdated applications to target for compromise and exploitation.
To limit what banner grabbing reveals, restrict access to services that do not need to be exposed, and remove or neutralise the response headers that disclose software versions. For an HTTP application such as Smarten there are two response headers worth restricting or removing for security reasons, Server and X-Powered-By, which typically carry values like the following:
- X-Powered-By: Undertow/1
- X-Powered-By: JSP/2.3
- Server: WildFly/11
- Server: awselb/2.0
Note that the first three values come from WildFly itself (the Undertow web server and its JSP engine), whereas Server: awselb/2.0 is set by an AWS Elastic Load Balancer placed in front of the application; the WildFly configuration change below does not affect that header, which has to be dealt with on the load balancer side.
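The following script, added here as an example and not taken from Smarten or WildFly, performs the banner grab described above against an HTTP service and reports any Server or X-Powered-By header it finds. The sample response it parses is constructed from the header values listed in this article rather than captured from a real installation, and the host name and port in the commented-out live call are placeholders.

```python
"""Added example: HTTP banner grab plus a check for version-revealing headers.

Illustrative code written for this article; it is not part of Smarten or
WildFly. Host names and ports used below are placeholders.
"""
import http.client
import ssl

# Header names that commonly leak product and version details.
BANNER_HEADERS = ("server", "x-powered-by")


def parse_banner_headers(raw_response: bytes) -> dict:
    """Return the banner headers found in a raw HTTP response.

    Result maps the lower-cased header name to a list of values, because a
    single response may carry several X-Powered-By headers (e.g. Undertow/1
    and JSP/2.3). An empty dict means no banner header was present.
    """
    head = raw_response.replace(b"\r\n", b"\n").split(b"\n\n", 1)[0]
    found = {}
    for line in head.split(b"\n")[1:]:  # skip the status line
        if b":" not in line:
            continue
        name, value = line.split(b":", 1)
        key = name.strip().lower().decode("ascii", "replace")
        if key in BANNER_HEADERS:
            found.setdefault(key, []).append(value.strip().decode("ascii", "replace"))
    return found


def hardening_findings(banners: dict) -> list:
    """Turn parsed banner headers into human-readable findings (empty = clean)."""
    return [f"{name} header reveals '{value}'"
            for name, values in sorted(banners.items())
            for value in values]


def grab_http_banner(host: str, port: int, path: str = "/",
                     use_tls: bool = False, timeout: float = 5.0) -> dict:
    """Live banner grab: send a HEAD request and parse the returned headers."""
    if use_tls:
        conn = http.client.HTTPSConnection(host, port, timeout=timeout,
                                           context=ssl.create_default_context())
    else:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("HEAD", path, headers={"Host": host, "User-Agent": "banner-check"})
        resp = conn.getresponse()
        # Rebuild a raw header block so live and sample data go through one parser.
        raw = f"HTTP/1.1 {resp.status} {resp.reason}\r\n".encode()
        for name, value in resp.getheaders():
            raw += f"{name}: {value}\r\n".encode()
        return parse_banner_headers(raw + b"\r\n")
    finally:
        conn.close()


# Constructed sample responses modelled on the header values named in the
# article; they were not captured from a real Smarten deployment.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    b"Server: WildFly/11\r\n"
    b"X-Powered-By: Undertow/1\r\n"
    b"X-Powered-By: JSP/2.3\r\n"
    b"Content-Type: text/html;charset=UTF-8\r\n"
    b"\r\n"
    b"<html>...</html>"
)

HARDENED_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    b"Content-Type: text/html;charset=UTF-8\r\n"
    b"\r\n"
    b"<html>...</html>"
)

if __name__ == "__main__":
    for finding in hardening_findings(parse_banner_headers(SAMPLE_RESPONSE)):
        print("FINDING:", finding)
    print("hardened sample:", hardening_findings(parse_banner_headers(HARDENED_RESPONSE)))
    # Live check against a placeholder host (uncomment and adjust to use):
    # print(hardening_findings(grab_http_banner("smarten.example.internal", 8080)))
```

Run the live check twice when the application sits behind a load balancer: once against the public endpoint and once directly against the WildFly listener. The public endpoint reports the load balancer's own Server header (for example awselb/2.0), so only the direct check tells you whether the WildFly-side headers have actually been removed.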
To restrict these headers in Smarten, open the standalone.xml file (/smarten/wildfly/standalone/configuration/standalone.xml) and comment out the lines below, then restart the server for the change to take effect.
This hardens the application by denying an attacker easy version fingerprinting.
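As an added illustration of what that edit looks like (not the page's own snippet and not copied from a Smarten installation), the fragment below shows the relevant part of a stock WildFly 11 undertow subsystem, with the weak default on the left-hand side of each XML comment and the hardened form beneath it. It assumes the unmodified WildFly 11 defaults for the filter names and the jsp-config element; verify the names against your own standalone.xml before editing.

```xml
<!-- Added example: undertow subsystem in standalone.xml, before and after.
     Assumes stock WildFly 11 element and filter names; check your own file. -->
<subsystem xmlns="urn:jboss:domain:undertow:4.0">
    <server name="default-server">
        <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
        <host name="default-host" alias="localhost">
            <location name="/" handler="welcome-content"/>
            <!-- BEFORE (weak): the host attaches the two header filters.
            <filter-ref name="server-header"/>
            <filter-ref name="x-powered-by-header"/>
            -->
            <!-- AFTER (hardened): the filter-ref lines are commented out,
                 so Server: WildFly/11 and X-Powered-By: Undertow/1 are no longer sent. -->
            <http-invoker security-realm="ApplicationRealm"/>
        </host>
    </server>
    <servlet-container name="default">
        <!-- BEFORE (weak): <jsp-config/> with its default x-powered-by="true"
             adds X-Powered-By: JSP/2.3 to JSP responses. -->
        <!-- AFTER (hardened): disable the JSP engine's own banner header. -->
        <jsp-config x-powered-by="false"/>
        <websockets/>
    </servlet-container>
    <handlers>
        <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
    </handlers>
    <filters>
        <!-- The filter definitions may stay; they are harmless once nothing references them.
             Commenting them out as well removes the version strings from the file entirely. -->
        <response-header name="server-header" header-name="Server" header-value="WildFly/11"/>
        <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
    </filters>
</subsystem>
```

After restarting WildFly, confirm the result from a shell with `curl -sI http://<host>:<port>/ | grep -i -E '^(server|x-powered-by):'`; no output means the WildFly-side headers are gone. If a filter-ref is commented out but its filter definition is not, the server still starts cleanly, whereas the reverse (a filter-ref pointing at a removed filter) fails at boot, so remove references before definitions.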
Please refer to Application Security Implementation Manual to learn more.
Note: This article is based on Smarten Version 5.0. This may or may not be relevant to the Smarten version you may be using.