This method will ensure anyone using a plugin like serverspy or sending raw requests via telnet etc. won't be able to gather this information too easily. It doesn't make it impossible however, as vulnerability scanners can fingerprint your services based on known responses from various versions, but it does make it harder, and can serve as a warning that you're paying attention. Like changing the name of your access point ;-)
These instructions are for Ubuntu. If you're using Red Hat you should be able to translate them yourself.
First install mod_security: apt-get install libapache2-modsecurity
Secondly enable it: a2enmod mod-security
Thirdly edit /etc/apache2/conf.d/security - comment out the ServerTokens directive and swap ServerSignature <blah> for SecServerSignature <whatever_you_like>.
Reload apache and that's done!