Banner Grabbing is a technique to collect information about the system and/or software information like, software version, network port and service information, operating systems version, web server technologies (i.e. apache, nginx) etc. Administrators use this banner grabbing technique to make software inventories. On the contrary, intruders use the same banner grabbing technique to plot and execute successful attacks to have unauthorized access in to the system.
However this technique has below limitations,
- It is possible that target system do not provide any banner information. This may happen when the administrators configure the system in such a way so that while responding to a request, unwanted HTTP response is removed from the header.
- It has certain protocol dependencies. For instance, target system will not expose any information during banner grabbing using UDP.
- This technique shall not work in an environment where unnecessary and irrelevant ports and services are disabled by the administrators.
- As protective measure, administrators can alter the banner information to limit attacks from intruders.
- Patch level information may not be exposed with version information.
In summary, banner grabbing technique is used to collect system information for future use. But, it has certain limitations like, systems information may not be exposed depending on the configurations as well as due to protocol dependencies.
How to use Banner Grabbing to explore «Null Byte :: WonderHowTo. (n.d.). Retrieved from Null Byte :: WonderHowTo: technoglitz.com/how-to-use-banner-grabbing-to-explore-null-byte-wonderhowto/
Khaleque, E. (2019, 03 14). Remove Unwanted HTTP Response Headers. Retrieved from techcommunity.microsoft.com: techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710
Wikimedia Foundation, I. (2019, 10 15). Banner grabbing. Retrieved from Wikipedia: en.wikipedia.org/wiki/Banner_grabbing