Security through obscurity doesn´t work.
It just works IMHO - maybe only 4 specific purposes, but it works.
Most of the the activity in your logs, including hack/exploit attempt are from scriptkiddies who couldn't care less what version your running. The just throw their cookbooks at your IP/firewall regardless.
e.g. you give false/faked or none replys to such telnet request, will give all, not only the kiddies, a false first impression and maybe they fail or will never find what they're searching for, cauze it's there but with a mask.
I believe there´s other ways of getting Apache to reveal it´s version too, so this wont work.
Then modify the f***ing version string before compile, often in version.c and give your attacker a nice wrong intention of his counterpart, e.g IIS profile. Just my point of view Michael Appeldorn