In the age of information awareness and increased security, it became a standard rule to not allow people to do information gathering on your system (at least, as much as possible). I would like it if the HTTP server headers for the admin pages did not give out the OS and Java release information; or at least an option to disable/change it. So instead of:
well, the xmpp iq packets to query local time and os are even worse. I use a reverse proxy in front of my web servers which filters out the server header of them but using a privacy list to disable the iq packets is not so cool.
Ick- I didnt know about the iq packets for os (time is ok, that can be determined in so many ways I expect an outsider to be able to figure out what my clock says)
There should be a way to prevent this too (tack it all into the security page or something)