Hosting Provided By

Re: http fingerprinting

From: shawnmer <shawnmer(at)io.com>
Date: Thu Apr 10 2003 - 18:42:56 EDT

Hi,

Jeremiah Grossman gave a presentation at Seattle Blackhat 03 that may shed some light on this...in particular he covers using OPTIONS as unique identifiers.

http://www.blackhat.com/presentations/bh-asia-02/bh-asia-02-grossman.pdf

Thanks,

-scm

RH:Rick Hoekman

RH>Anyone know if there are tools to fingerprint webservers that do not
RH>give away their type and version?
RH>
RH>As far as I know there is a paper/thesis on one tool called HMAP.pl. You
RH>can read it here 
http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf
RH>
RH>Thanks!
RH>
RH>Rick
RH>
RH>

--------------------------------------------------------------

Costs are climbing and complaints are rising as SPAM overloads your e-mail servers and Inboxes SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it.
http://www.securityfocus.com/SurfControl-pen-test2 Download a free trial and see just
what's going in and out of your organization.

Received on Fri Apr 11 13:31:47 2003

This message: [ Message body ]
Next message: Matt Foster: "RE: Firewall Testing Software"
Previous message: Asim Shaikh: "BIND/DNS Version check"
In reply to: Rick Hoekman: "http fingerprinting"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:35 EDT