Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: In ur server-status

From: Alessandro Fiorenzi <a.fiorenzi () infogroup it>
Date: Mon, 23 Jul 2007 13:21:16 +0200
Well I find is more serious to find /server-info availabable on one of
thats,
you could rebuild some important information on the apache
configuration, modules, directives, etc..

Alessandro Fiorenzi


On Sat, 2007-07-21 at 22:53 -0500, Todd Troxell wrote:


Noticing lots of admins tend to forget about /server-status, I typed at random:

http://www.cnn.com/server-status
http://www.webshots.com/server-status
http://www.download.com/server-status
http://slashdot.org/server-status

I am sure there are ten billion others.  In some cases this is worse than
someone grabbing your access log. 



------------------------------------------------------------------------------------
INFOGROUP S.P.A                                  http://www.infogroup.it
Gruppo Banca CR Firenze
http://www.carifirenze.it
------------------------------------------------------------------------------------

Dott. Fiorenzi Alessandro  
Security Project & Management

Consulente Tecnico Trib. Firenze - Sicurezza Informatica -
Albo consulenti ed esperti CCIAA Firenze
Socio CLUSIT, ALSI  
Member of IEEE Computer Society

Tel    : +390554365742                
CE     : +393356414477                 
@Email : a.fiorenzi () infogroup it 
@Email : Security.Management () infogroup it
PGP Key: http://www.infogroup.it/ds/fiorenzi.asc
------------------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: