https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717402#M64939 <HTML><HEAD></HEAD><BODY><P>I don't know the answer but I am interested in a solution to this also. </P></BODY></HTML> Tue, 28 Jun 2011 15:08:24 GMT Justin Westover 2011-06-28T15:08:24Z https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717401#M64935 <P>Hi,</P><P></P><P>IS there anyone who knows how to prevent a web server scan from getting the version of the IIS web server through a cisco IPS. I tried to set all the signatures that fired to ( drop packet, reset TCP connecction and drop connection inline ) but none worked. The results of a the vulnerability scan through the IPS are still showing the DNS version, IIS version. Can something be done on the IPS level?</P><P></P><P>Regards</P> Sun, 10 Mar 2019 12:23:20 GMT https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717401#M64935 k.abillama 2019-03-10T12:23:20Z https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717402#M64939 <HTML><HEAD></HEAD><BODY><P>I don't know the answer but I am interested in a solution to this also. </P></BODY></HTML> Tue, 28 Jun 2011 15:08:24 GMT https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717402#M64939 Justin Westover 2011-06-28T15:08:24Z https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717403#M64943 <HTML><HEAD></HEAD><BODY><P>Hello k.abillama,</P><P></P><P>Can you provide a packet capture of the scan? Please gather full-length packets so that the payload is included.</P><P></P><P></P><P>Thank you,</P><P>Blayne Dreier</P><P>Cisco TAC Escalation Team</P><P></P><P>**Please check out our Podcasts**</P><P><SPAN>TAC Security Show: </SPAN><A class="jive-link-external-small" href="http://www.cisco.com/go/tacsecuritypodcast">http://www.cisco.com/go/tacsecuritypodcast</A></P><P><SPAN>TAC IPS Media Series: </SPAN><A class="jive-link-wiki-small" href="https://community.cisco.com/docs/DOC-12758">https://supportforums.cisco.com/docs/DOC-12758</A></P><P></P></BODY></HTML> Tue, 05 Jul 2011 18:29:07 GMT https://community.cisco.com/t5/network-security/preventing-web-server-scans-on-ips/m-p/1717403#M64943 Christopher Dreier 2011-07-05T18:29:07Z