Penetration Testing mailing list archives
AkamaiGhost
From: "Jeremy Junginger" <jj () act com>
Date: Wed, 1 Oct 2003 11:40:29 -0700
I have recently stumbled across a webserver that I have not seen very much in the past, and would like to get some input on the architecture of the application if any of you have seen it during your penetration testing (feel free to include archived pen-test/vuln-dev links).

The webserver is AkamaiGHost, which, I think, stands for Akamai Global Host. As I understand it, the server is an "internally developed" application that is designed to serve as a "geographically co-located caching server" for your website. Basically, they mirror your site on a server at different ISP/POPs to deliver the content faster from a closer location. The host is certainly a Linux machine, as far as IP stack fingerprinting goes, but ONLY port 80 is permitted to the host (at least only TCP port 80, I have not yet run a UDP scan on the machine)...so it begins... :)

At any rate, I would like to know if any of you have conducted pen-tests against such a host, and your experiences if you have. Thanks, and have a great day.

Oops, almost forgot, the nessus and amap scans were inconclusive (other than "HTTP is open"), and here is some HTML output from a few requests...nothing too great...just 400 responses :)

HEAD / HTTP/1.0 yields the following:

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 132
...
Connection: close

GET /stuff /HTTP/1.0 gets the following response:

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 136
...
Connection: close

<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "/stuff", is invalid.<p>
</BODY></HTML>

Thoughts?

-Jeremy