Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Scan virtual hosts

From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Thu, 25 Aug 2005 13:44:30 +1200
Geert, 


-----Original Message-----
From: Geert VAN ACKER [mailto:geert.vanacker () pandora be] 
Sent: Thursday, 25 August 2005 2:49 a.m.
To: pen-test () securityfocus com
Subject: Scan virtual hosts

Dear list,

is it possible to enumerate all virtual hosts on a given IP 
address ? I
prefer Linux soft.


As virtual hosts are defined just by a Host: header in client's request, I'm
pretty sure that there is no way (please let me know if there is!) to
enumerate virtual hosts from a remote machine.

The only way is to check the actual configuration file of the HTTP daemon,
for which you need local hosts access, of course.

If you know that only certain domain is hosted on a particular physical
machine, and if you can get the DNS zone for that domain, you can check
which hostnames' pointers go to that physical machine.

Cheers,

Bojan

--
Bojan Zdrnja, CISSP, RHCE
Security Implementation Specialist
Information Technology Systems and Services (ITSS)
The University of Auckland, New Zealand
Previous By Date Next
Previous By Thread Next

Current thread: