Banner Grabbing:
Banner grabbing is a reconnaissance technique used by attackers and security teams alike to gather information about a host on a network and the services listening on its open ports. A banner is text returned by a server that reveals details such as the name and version of the software it runs. Collecting this banner information (product name, version, etc.) lets an attacker identify insecure or outdated applications to target for compromise and exploitation.
Solution:
To prevent banner grabbing you need to restrict access to certain services. Typically there are 3 response headers that can be restricted or removed for security reasons.
They are:
- X-Powered-By: Undertow/1
- X-Powered-By: JSP/2.3
- Server: WildFly/11
- Server: awselb/2.0
To restrict these headers in Smarten, open the standalone.xml file (/smarten/wildfly/standalone/configuration/standalone.xml) and comment out the lines below.
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
This helps harden the security of the application.
Please refer to the Application Security Implementation Manual to learn more.
Note: This article is based on Smarten Version 5.0. This may or may not be relevant to the Smarten version you may be using.