Web server leaks a private IP address through its HTTP headers. how to fix

It's absolutely safe to either remove (via Add/Remove Programs) or just disable the Indexing Service if you're not actively using it. In fact, removing it is "The Right Thing(tm)" to do if you're not using it.

As far as docs go, some of the old things you find will still be valid. The Indexing Service is venerable-- it dates back to IIS 4.0 and the Windows NT 4.0 Option Pack. It's actually a pretty interesting piece of code and can do some fairly neat things (uses NTFS ACLs in filtering search results for users, has pluggable file format filters, pluggable noise-word and word-breaker funtionality) but never really gets used because, I believe, Microsoft did a poor job of making it do anything out of the box. (It could well have been the foundation for an enterprise distributed "desktop and server search" if Microsoft had ever put any effort behind it...)

The Platform SDK section for Indexing Service is probably your best bet for learning more about how it works.

This is my understanding of the issue so far:

• sc-win32-status 64 means “The specified network name is no longer available.”
• After IIS has sent the final response to the client, typically it waits for an ACK message from the client.
• Sometimes clients will reset the connection instead of sending the final ACK back to server. This is not a graceful connection close, so IIS logs the “64” code.
• Many clients will reset the connection when they are done with it, to free up the socket instead of leaving it in TIME_WAIT/CLOSE_WAIT.
• Proxies tend to do this more than others do.

Update: I found some interesting information here and here, so I basically re-wrote the page to ensure there wasn't any bad markup etc. and... the problem is now gone! It was just a shot in the dark, and I couldn't definitely say what it was that fixed the problem, since it was only affecting some of our clients under some very specific circumstances...