Security: HTTP headers that expose web application / server vulnerabilities

Today's blog post will cover how ASP.net response HTTP headers can expose security holes in your web application and servers. The post
will also contain steps on how to remove this headers and mitigate chances of getting attacked using C# and ASP.net MVC.
Problem
When an attacker performs an attack on a web server, the first thing he /she needs to do is to identify the profile of his target. To profile a target
web application / server, an attacker would have to perform the following steps:
Identify the address of the web application.Identify the OS where the web application residesIdentify the type of server (IIS, Apache, etc) that was hosting the web applicationIdentify the frameworks (ASP.net MVC, PHP, JSF) used by the applications
After an attacker gathers the following information, the attacker would proceed on using penetration tools (Kali's Metasploit and Websploit) to perform different kinds of attacks to
dis…