Penetration Testing mailing list archives
RE: Scan virtual hosts
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Thu, 25 Aug 2005 13:44:30 +1200
Geert,
-----Original Message----- From: Geert VAN ACKER [mailto:geert.vanacker () pandora be] Sent: Thursday, 25 August 2005 2:49 a.m. To: pen-test () securityfocus com Subject: Scan virtual hosts Dear list, is it possible to enumerate all virtual hosts on a given IP address ? I prefer Linux soft.
As virtual hosts are defined just by a Host: header in client's request, I'm pretty sure that there is no way (please let me know if there is!) to enumerate virtual hosts from a remote machine. The only way is to check the actual configuration file of the HTTP daemon, for which you need local hosts access, of course. If you know that only certain domain is hosted on a particular physical machine, and if you can get the DNS zone for that domain, you can check which hostnames' pointers go to that physical machine. Cheers, Bojan -- Bojan Zdrnja, CISSP, RHCE Security Implementation Specialist Information Technology Systems and Services (ITSS) The University of Auckland, New Zealand
Current thread:
- Scan virtual hosts Geert VAN ACKER (Aug 24)
- Re: Scan virtual hosts Jayson Anderson (Aug 24)
- Re: Scan virtual hosts Stefano Zanero (Aug 24)
- Re: Scan virtual hosts Geert VAN ACKER (Aug 26)
- Re: Scan virtual hosts Michael Boman (Aug 24)
- Re: Scan virtual hosts matt (Aug 26)
- Re: Scan virtual hosts Pete Herzog (Aug 27)
- Re: Scan virtual hosts matt (Aug 26)
- RE: Scan virtual hosts Bojan Zdrnja (Aug 24)
- Re: Scan virtual hosts bugtraq (Aug 26)
- Re: Scan virtual hosts Gareth Davies (Aug 29)
- <Possible follow-ups>
- RE: Scan virtual hosts Bob Auger (Aug 24)