Penetration Testing mailing list archives
[PEN-TEST] How to deal with others' security ?
From: Nicolas Gregoire <nicolas.gregoire () 7THZONE COM>
Date: Tue, 22 Aug 2000 09:58:50 +0200
Hi, please excuse my (very) poor english. My question is simple : - you have to do a penetration test on a web server. - you discover that there are virtual hosts on the same box than the web site you have to check. first question : do you know how to learn which virtual hosts are hosted on this machine ? (reverse dns lookups, etc ) [I think it's very important to know that because the others web site can have exploitable cgi, resulting in the ability to root the box and deface all the virtual hosts] second question : how to deal with others' virtual hosts security [ie. they have poor cgi] ? how obtain authorization to scan these virtual hosts ? thanks in advance Nicob nicob () 7thzone com
Current thread:
- [PEN-TEST] How to deal with others' security ? Nicolas Gregoire (Aug 22)
- Re: [PEN-TEST] How to deal with others' security ? Max Vision (Aug 23)
- Re: [PEN-TEST] How to deal with others' security ? Ejovi Nuwere (Aug 24)
- <Possible follow-ups>
- Re: [PEN-TEST] How to deal with others' security ? Steve (Aug 23)
- Re: [PEN-TEST] How to deal with others' security ? Meritt, Jim (Aug 24)