RE: ** {Spam} ** reverse proxy identification

[Árni Már Harðarson <arni.hardarson () skyrr is>]

Cisco Routers might have open 80 port. 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of sami ghourabi
Sent: 12. janúar 2007 11:30
To: pen-test () securityfocus com
Subject: ** {Spam} ** reverse proxy identification

I'm currently pentesting C class subnet.
It seems that it hosts webservers, as a large number of IP @ replied OK 
to port 80 scan.
However I dont think that for each IP adress there is a physical server, 
but perhaps a multiplexing device that also does application firewalling.
According to nmap it may be a Blue Coat SG4.
When I browse to the IPs with firefox, I recieve several messages "No 
web site is configured at this address." for some IP.
Does anybody here know if this message is specific to a given reverse 
proxy/web server product ?
Any other experiences similar to this situation are welcome.

Sami.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------