Re: HEAD request

["berg" <zealberg () 163 com>]

the params of HEAD request is same as that of GET/POST request

request text as follow:

HEAD / HTTP/1.1
Host: www.sample.com
Connection: close

the response message from web server will be something like this:

HTTP/1.1 200 OK
Date: Mon, 11 Sep 2006 05:21:20 GMT
Server: Apache/1.3.34 (Unix)
Content-Location: index.html.en
Vary: negotiate,accept-language,accept-charset
TCN: choice
Last-Modified: Thu, 06 Jan 2005 12:11:39 GMT
ETag: "38a94-5b0-41dd2afb;44a4fd43"
Accept-Ranges: bytes
Content-Length: 1456
Connection: close
Content-Type: text/html
Content-Language: en


If there is no response from web server, perhaps the administrator blocked the HEAD request method

Best Regards
Berg
----- Original Message ----- 
From: "vijay shetti" <vijay.shetti () gmail com>
To: <pen-test () securityfocus com>
Sent: Saturday, September 09, 2006 4:13 PM
Subject: HEAD request


> Hello all!!!
>
> I am doing assessment of a web server
>
> When I issue HEAD request using nc I don't get any response from the webserver
> and I get disconnected after some time.
> What should i conclude from that?Does it mean that the administrator has blocked
> HEAD requests?
>
> regards,
> Vijay
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------