Re: [PEN-TEST] "Type-of-webserver"-scanner?

["Bock, John (ISS San Francisco)" <JBock () ISS NET>]

you can use whisker and nmap to do it.
nmap -sS -p 80 -oM port_80 10.10.10.0/24
and
whisker -s server.db -n port_80 -l http_servers

and you'll wind up with output like:
= - = - = - = - = - =
= Host: 10.10.10.3
= Server: JavaWebServer/2.0
you can use whisker and nmap to do it.
nmap -sS -p 80 -oM port_80 10.10.10.0/24
and
whisker -s server.db -n port_80 -l http_servers

and you'll wind up with output like:
= - = - = - = - = - =
= Host: 10.10.10.3
= Server: JavaWebServer/2.0
= - = - = - = - = - =
= Host: 10.10.10.4
= Server: Netscape-Enterprise/3.6 SP1

http://www.wiretrip.net/rfp/bins/whisker/whisker.tar.gz

if you want a general banner grab you could use something like grabbb as
well
http://teso.scene.at/releases/grabbb-0.1.0.tar.gz

On Mon, 11 Dec 2000, Johan.Augustsson wrote:

> I've been 'ordered' to find out how many webservers there are in our
> network and devide them into Apache and IIS. So I ran nmap for port 80 in
a
> small area of our network and found a bunch of servers running some kind
of
> http-servers. Is there any nice tool out there which connects to the
target
> at port 80 and get the servertype for me or do I have to telnet all those
> http-servers. Is there any nice tool out there which connects to the
target
> at port 80 and get the servertype for me or do I have to telnet all those
> servers at port 80 and manually check each server? I guess I could code
> something in Perl, but I'm not a great coder so thats not an option.  :)
>
> Johan Augustsson