• I believe a .NET error screen does reveal too much. It shows that you're using .NET, which is easy. However, it can also reveal things you don't want revealed such as database platform (some errors are specific to certain databases), table names, field names, etc. Giving away information is an invitation to a nefarious individual to attempt a hack on your site. There are known vulnerabilities on any platform, injection attacks to steal information, denial of service attacks, etc. There's really no reason to post an open invitation, which is how some people look at it.

    The .NET error screens exist to help developers during the development process and should be turned off in a production environment.

    Do yourself a favor: Look up the CustomErrors tag in your web.config file (http://msdn.microsoft.com/en-us/library/h0hfz6fc%28v=vs.90%29.aspx). You can do something like this:

    <customErrors mode="On" defaultRedirect="ErrorHandler.aspx">

    </customErrors>

    You can include directions on how to handle specific error codes (i.e.: 404, 500, etc.). Any other errors are handled by the defaultRedirect attribute and get redirected to that page, where you can log the error. If you know about an error, you can address it. If you never find out that an error occurred, you cannot address it.
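
An added example, not part of the answer above: a web.config fragment that sets the development-time setting beside a production one with per-status-code pages, as the answer describes. ErrorHandler.aspx comes from the answer; NotFound.aspx and ServerError.aspx are hypothetical page names.

```xml
<configuration>
  <system.web>
    <!-- Development only: mode="Off" returns the detailed ASP.NET error
         page (exception message, stack trace, framework version) to
         every client, local or remote.
    <customErrors mode="Off" />
    -->

    <!-- Production: mode="On" hides error detail from all clients.
         mode="RemoteOnly" would still show the detailed page to requests
         made from the server itself, which helps when debugging on the box. -->
    <customErrors mode="On" defaultRedirect="ErrorHandler.aspx">
      <!-- Specific status codes get their own pages (hypothetical names). -->
      <error statusCode="404" redirect="NotFound.aspx" />
      <error statusCode="500" redirect="ServerError.aspx" />
      <!-- Any status code not listed falls through to defaultRedirect. -->
    </customErrors>
  </system.web>
</configuration>
```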