Security Basics mailing list archives
Re: help interpreting the nmap output
From: miguel.dilaj () pharma novartis com
Date: Wed, 15 Dec 2004 14:39:40 +0100
Hi Ivan, What tool are you using to try to connect? If you were using telnet, try netcat to establish a raw connection instead. As for the Apache question: $ nc -vv 192.xxx.yyy.zzz 80 www.xxxxxxxxxxxxxxxxxx.net [192.xxx.yyy.zzz] 80 (http) open HEAD / HTTP/1.1 Host: www.xxxxxxxxxxxxxxx.net [PRESS ENTER TWICE] HTTP/1.1 200 OK Date: Wed, 15 Dec 2004 13:35:21 GMT Server: Apache/1.3.27 (Unix) Content-Type: text/html [PRESS CTRL-C TO STOP] So basically you connect to port 80 of the host, after successful connection type "HEAD / HTTP/1.1", press ENTER, type "Host: {name of the website}", press ENTER twice. If everything is OK you'll get a nice banner from the server. You can try the above. Remember that's possible to tweak Apache in order NOT to show the version. Cheers, Miguel Dilaj (Nekromancer) Vice-President of IT Security Research, OISSG "Ivan Fratric" <hacky_2001 () hotmail com> 14/12/2004 18:43 To: security-basics () securityfocus com cc: (bcc: Miguel Dilaj/PH/Novartis) Subject: help interpreting the nmap output Hi, I'm running nmap on Windows XP. Normally, it works fine (when I use it to scan a computer for which I know what services it's running) and returns detailed info on the services installed. However, I tried to run it on a web server on the Internet and I have trouble getting all the info. Using -A -T4 options on a server and I receive the following reply {snip} So, why the question marks next to the open protocols? Next I tried connecting to the telnet and ftp, but I get disconnected straight away. So I tried to get more info on the http and https by calling nmap with -sV -p 80 or -sV -p 443 options. Since it's a web server it is certainly running those services. I get something like 80/tcp open Apache httpd Anyway, no sign of the Apache version. So, how can I find out what version of the Apache a server is running? What is the best way to proceed from here? TIA _________________________________________________________________ Don't just search. Find. Check out the new MSN Search! http://search.msn.com/
Current thread:
- help interpreting the nmap output Ivan Fratric (Dec 14)
- RE: help interpreting the nmap output Harshul Nayak (Dec 17)
- <Possible follow-ups>
- Re: help interpreting the nmap output miguel . dilaj (Dec 15)
- Re: help interpreting the nmap output Corey LeBleu (Dec 16)
- Re: help interpreting the nmap output Corey LeBleu (Dec 16)
- Re: help interpreting the nmap output Corey LeBleu (Dec 16)
- Re: help interpreting the nmap output miguel . dilaj (Dec 17)