Penetration Testing mailing list archives

RE: Remote connection to Webmin Service (Port 10000)


From: "Pratt, Benjamin E." <bepratt () stcloudstate edu>
Date: Fri, 6 Feb 2004 07:44:33 -0600

Hello -

Webmin isn't only available to the localhost by default, although it
could be made that way.  By default Webmin sets up to run on HTTP port
10000 but most admins, and by default if you have SSL installed and use
Mandrake (and probably others) Webmin will run via HTTPS.

Good luck,

Ben

-----Original Message-----
From: Wu Fei Liang [mailto:cms01017 () cms ac] 
Sent: Tuesday, February 03, 2004 11:25 AM
To: pen-test () securityfocus com
Subject: Remote connection to Webmin Service (Port 10000)

Hello everyone!

I'm currently doing a security audit on a company as a "newbie". After
scanning the host I learned that several ports were open - including the
Webmin Port. I tried to connect via Browser to this port but the operation
timed out. I believe that it is due to the fact that the Webmin Service is
only available to the localhost. But I am wondering why I was able to connect
with telnet and download the login-page of Webmin. A simple wget would do the
same thing.

Can anybody give me some advice and explain why this is that way?

Thx a lot in advance

Kind regards
-- 

--------------------------------------------------------------
WU Fei Liang                         Computer & Media Security
                                University of Applied Sciences
                                       4232 Hagenberg, Austria

[ Internship ]        weigl interservice - http://www.weigl.de
[ Mail work ]                                    f.wu () weigl de
[ Mail priv ]                              wu_fei_liang () cms ac

[ Public-Key ]
http://pgp.mit.edu:11371/pks/lookup?search=0xC5633638&op=index
--------------------------------------------------------------
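
Added example, not part of either message above: a small audit of a Webmin miniserv.conf for the two settings the thread turns on, plain HTTP versus HTTPS and all hosts versus localhost only. It assumes key=value lines using the keys port, ssl, bind and allow, and that a missing ssl key means plain HTTP; the sample files are constructed.

```python
# Added example: audit a Webmin miniserv.conf for listener exposure.
# Assumptions: key=value lines with the keys port, ssl, bind, allow;
# a missing ssl key is treated as plain HTTP, a missing bind as all addresses.

LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed sample files, not taken from any real host.
SAMPLE_DEFAULT = """\
port=10000
ssl=0
"""
SAMPLE_HARDENED = """\
# restricted install
port=10000
ssl=1
bind=127.0.0.1
allow=127.0.0.1
"""

def parse_conf(text):
    """Return a dict of key -> value, skipping blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings describing how the listener is exposed."""
    conf = parse_conf(text)
    port = conf.get("port", "10000")
    findings = []
    if conf.get("ssl", "0") != "1":
        findings.append(f"port {port}: plain HTTP, logins cross the network in cleartext")
    bind = conf.get("bind", "")
    allow = conf.get("allow", "").split()
    if bind not in LOOPBACK and not allow:
        findings.append(f"port {port}: listens on all addresses with no allow list")
    elif bind not in LOOPBACK and not set(allow) <= LOOPBACK:
        findings.append(f"port {port}: remote hosts permitted: {' '.join(allow)}")
    return findings

if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(text) or "no findings")
```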

