During security audit scans, it is sometimes seen that a Microsoft Internet Information Services (IIS) server is exposing the servers internal ip, when a speciel get request is sent to the server.
This can be due to misconfig, unpatched server or maybe something that is default.
It can be amended by running this on IIS servers from 2008 R2 and up:
appcmd.exe set config -section:system.webServer/serverRuntime /alternateHostName:”mail.domain.com” /commit:apphost
Reboot is not needed and now it will display “mail.domain.com” instead of it’s internal ip.
Related Posts
Reported Zero-day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019- New Windows 10 vulnerability allows anyone to get admin privileges
- PrintNightmare: Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability
- PrintNightmare: Out-of-band updates ready – patch now!
- Exploit: PrintNightmare
- PATCH NOW: April 2021 Exchange Server Security Updates