Security Incidents mailing list archives
Re: Scanners using netcraft?
From: jericho () DIMENSIONAL COM (mea culpa)
Date: Mon, 10 Jan 2000 15:24:48 -0700
Hi, netcraft.com routinely scans web sites and publish their survey of http server software. See http://www.netcraft.com/. They also scan port 443 (https) for the same reasons, and I've seen them try to do DNS zone transfers although not recently. I don't think their activity is harmful, probably just an unrelated event.
It should be noted that Netcraft *could* be used for this quite trivially. A user can pass any third party web server to the Netcraft query engine (even via lynx and a single command) and find out the resulting server. So a quick script to check entire class C networks would be trivial to write, grep out a specific server, then throw attacks at them. http://www.netcraft.com/whats/
Current thread:
- Scanners using netcraft? Michael Damm (Jan 05)
- Re: Scanners using netcraft? Richard Trott (Jan 05)
- Re: Scanners using netcraft? Mike Johnson (Jan 05)
- Got cracked/attacked this morning Filip M. Gieszczykiewicz (Jan 08)
- god damn - we got rooted again (long, alas) Filip M. Gieszczykiewicz (Jan 09)
- rootkit site found in sniff log (??) Filip M. Gieszczykiewicz (Jan 09)
- Re: Scanners using netcraft? Al Huger - Mail Account (Jan 05)
- Port 3593 Raistlin (Jan 05)
- Re: Scanners using netcraft? sekurity (Jan 05)
- <Possible follow-ups>
- Re: Scanners using netcraft? Eric Cholet (Jan 05)
- Re: Scanners using netcraft? mea culpa (Jan 10)