Reconnaissance means nothing but Information Gathering. Thus an attacker or a pen tester should have some information about the target to get the it exploited. Reconnaissance includes Fingerprinting, Foot printing, Google Hacking and Social Engineering.

Many of the times, Error Messages provides most useful information about web applications and servers which it should not supposed to be. They may show the server name, type, version, etc.

Fig. Default error page for Microsoft IIS

Fig. Default error page for Linux Apache Server

As apache tomcat is the server used by the Linux server systems and Internet Information services is the server used by Microsoft systems. Hence default error pages should be replaced with the custom error pages to stop the leaking the information through error massages.