Penetration Testing mailing list archives

Re: http fingerprinting

From: Franck Veysset <franck.veysset () rd francetelecom com>
Date: Thu, 10 Apr 2003 08:48:43 +0200

this remind me the RFP talk at Hivercon.
Have a look at :
http://www.wiretrip.net/rfp/talks/hivercon-2002/
RFP gives some information on web server fingerprinting techniques.

-Franck

Rick Hoekman wrote:

Anyone know if there are tools to fingerprint webservers that do not
give away their type and version?

As far as I know there is a paper/thesis on one tool called HMAP.pl. You
can read it here http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf

Thanks!

Rick



--
Franck VEYSSET  - France Telecom R&D/DTL/SSR
mailto: franck.veysset () rd francetelecom com


--------------------------------------------------------------
Costs are climbing and complaints are rising
as SPAM overloads your e-mail servers and Inboxes
SurfControl E-mail Filter puts the brakes on spam & viruses
and gives you the reports to prove it.
http://www.securityfocus.com/SurfControl-pen-test2
Download a free trial and see just

what's going in and out of your organization.--------------------------------------------------------------

Current thread:

http fingerprinting Rick Hoekman (Apr 09)
- Re: http fingerprinting Eric Haugh (Apr 10)
- Re: http fingerprinting Franck Veysset (Apr 10)
- Re: http fingerprinting Nicolas Gregoire (Apr 10)
- Re: http fingerprinting Wojciech Pawlikowski (Apr 10)
- Re: http fingerprinting shawnmer (Apr 11)
- <Possible follow-ups>
- Re: http fingerprinting Bill Pennington (Apr 10)
- RE: http fingerprinting Dieter Sarrazyn (Apr 10)