Date: Sat, 28 Nov 1998 13:59:23 +0500 (KGT) From: CyberPsychotic <fygrave@tigerteam.net> To: freebsd-security@FreeBSD.ORG Subject: Detecting remote host type and so on.. Message-ID: <Pine.LNX.4.05.9811281331240.4308-100000@gizmo.kyrnet.kg>
next in thread | raw e-mail | index | archive | help
Hello people, This is probably abit offtopic, but anyway, That is not good when someone could figure out what platform you're running your Apache on. Recently I checked site http://www.netcraft.com which could tell you what server and on what platform you're running. They don't provide source for the code, so I just put my sniffer on, and pushed the button (they have webform) to see what that will do. All that box did, was a connection to my 80 port and issuing command HEAD / HTTP/1.0. All what comes for responce is: HTTP/1.0 200 OK Date: Sat, 28 Nov 1998 08:33:05 GMT Server: Apache/1.2.5 Last-Modified: Fri, 30 Jan 1998 06:30:47 GMT ETag: "11dc01-561-34d17397" Content-Length: 1377 Accept-Ranges: bytes Content-Type: text/html Age: 0 Connection: close --- So the place where it picks the type of WebServer is obvious: Server tag. But I wonder how would that figure out what platform I am running.. What comes in mind is that Etag here is something which purpose I don't understand. If that is a platform specific thing, maybe they just did checks on different plattforms and made pre-recordings? would appreciate any hints, best regards ~Fyodor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9811281331240.4308-100000>