About Duffbert...

Duffbert's Random Musings is a blog where I talk about whatever happens to be running through my head at any given moment... I'm Thomas Duff, and you can find out more about me here...

Email Me!

Search This Site!

Custom Search

I'm published!

Co-author of the book IBM Lotus Sametime 8 Essentials: A User's Guide
SametimeBookCoverImage.jpg

Purchase on Amazon

Co-author of the book IBM Sametime 8.5.2 Administration Guide
SametimeAdminBookCoverImage.jpg

Purchase on Amazon

MiscLinks

Visitor Count...



View My Stats

« September 10, 2001... A Day To Remember... | Main| Blogsphere Mod for download - blocking comments by IP address... »

Interesting Notes.ini setting...

Category Software Development


While scanning the Knowledgebase this morning, I ran across this technote.  Not a bad idea to make it a little harder for hackers to tell what your platform might be...


Problem:

When you go to a Domino web site and request a page, the HTML source displays the operating system platform and Domino version.  How can you hide this header information?

<HTML>
<!-- Lotus-Domino (Release 5.0.1a - August 17, 1999 on Windows NT/Intel) -->
<HEAD>





Solution:

Beginning with R5.0.2, you can add the NOTES.INI parameter, DominoNoBanner=1, to suppress the header information.

Excerpt from the Lotus Notes and Lotus Domino Release 5.0.2 QMR fix list:


Web Server - Web Palette
  • SPR# AWHN4A8QWM - Include a new notes.ini variable, "DominoNoBanner=1", to suppress the Domino version/platform information in HTML that is generated by the Web server [5.0.2]

An issue still exists in that the server information may be displayed (1) when the server generates an error page or (2) when you open a telnet session into the HTTP port of the server.  This issue was reported to Lotus Quality Engineering and has been addressed in Domino 5.0.9.


Excerpt from the Lotus Notes and Domino Release 5.0.9 MR fix list (available at http://www.notes.net):


Web Server - Security

SPR# WRAY4X3JWB - The Web Server will no longer display the version of Domino running on HTTP when DominoNoBanner=1 is set in the notes.ini file


Supporting Information:


An enhancement request (SPR# SONL4BSSCX) has been submitted to have this option added to the Domino Web Engine tab in the Server document.


If a router or firewall uses Network Address Translation (NAT), then along with the server version, the internal IP address can be displayed in the Web server's response to the HTTP request.  If you are unable to upgrade to Domino 5.0.9 or later, then this issue can be avoided by putting the fully qualified host name in the "Host Name" field of the Server document (Internet Protocols section, HTTP).


Related Documents:


Historical Number:
 182595

Comments

Gravatar Image1 - I just read your article...

it is also a good idea to hide the SMTP Domino Version via this notes.ini entry here:

{ Link }

Post A Comment

:-D:-o:-p:-x:-(:-):-\:angry::cool::cry::emb::grin::huh::laugh::lips::rolleyes:;-)

Want to support this blog or just say thanks?

When you shop Amazon, start your shopping experience here.

When you do that, all your purchases during that session earn me an affiliate commission via the Amazon Affiliate program. You don't have to buy the book I linked you to (although I wouldn't complain!). Simply use that as your starting point.

Thanks!

Thomas "Duffbert" Duff

Ads of Relevance...

Monthly Archives