Tuesday, March 18, 2008

Is it possible to hide the identity of my Web servers by removing or revising the banner information that is returned with a request?

Yes, you can use an ISAPI filter to hide banner information. For example, you can write a custom ISAPI filter, or you can install the UrlScan security tool. UrlScan contains the RemoveServerHeader feature, which removes or alters the server's identity in the "Server" response header that is returned to the client. IIS 6.0 does not include the RemoveServerHeader feature because the feature offers no real security benefit. Most server attacks are not operating system-specific. Also, the identity of a server and information about its operating system can be detected by mechanisms that do not depend on the server header.
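As an added example (not part of the original post), this Python check parses a captured HTTP response and lists the headers that still name the server software, so you can confirm what RemoveServerHeader changed and what it left in place. The sample responses are constructed, and the header list and function names are assumptions of this example.

```python
# Headers that commonly name the server software. This list is an
# assumption of the example, not something stated in the post.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

# Constructed sample responses: one before the filter is enabled,
# one after the "Server" header has been removed.
BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/5.0\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
AFTER = (
    "HTTP/1.1 200 OK\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Return (status_line, {lowercased header name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines that have no colon
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def server_header_removed(raw):
    """True when the response carries no "Server" header at all."""
    return "server" not in parse_headers(raw)[1]


def banner_findings(raw):
    """Sorted (header, value) pairs that still identify the platform."""
    headers = parse_headers(raw)[1]
    return sorted((h, v) for h, v in headers.items() if h in DISCLOSING_HEADERS)


if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        print(label, server_header_removed(sample), banner_findings(sample))
```
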
