What info does a Mac broadcast and how to hide it?
First make sure that you're running a firewall that is prohibiting all inbound and outbound connections on the server. Then open only those ports you need for the production to run fine.
Most applications can be configured to not identify their exact version, but remember that this is not really giving you any more security, it is just a tad harder to exploit.
After you've "hardened" your machine like this you could fire up a second machine in the same subnet and launch a utility like Wireshark (Wireshark download page) to listen to the chatter of your cloud server. This way you get additional hints about processes that you might want to silence.