Penetration Testing mailing list archives
RE: HEAD request
From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 11 Sep 2006 15:59:02 -0400
-----Original Message----- Subject: HEAD request
When I issue HEAD request using nc I don't get any response from the
webserver and I get disconnected
after some time. What should i conclude from that?Does it mean that the administrator has
blocked HEAD requests? Probably not. If the HEAD method is disabled in the web server, it would normally issue a 405 error. It sounds more like an in-line proxy control. The silent drop without error sounds like maybe a Symantec firewall. Hard to say without more detail, though. It's not likely (since HEAD is a pretty simple request type), but you can't rule out the possibility of a configuration/code error on the web server itself. PaulM ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- HEAD request vijay shetti (Sep 10)
- Re: HEAD request berg (Sep 11)
- Re: HEAD request Steffen Wendzel (Sep 11)
- RE: HEAD request StyleWar (Sep 11)
- RE: HEAD request Sels, Roger (Sep 11)
- Re: HEAD request Mike Klingler (Sep 11)
- RE: HEAD request Paul Melson (Sep 11)
- <Possible follow-ups>
- RE: HEAD request Ory Segal (Sep 11)
- RE: HEAD request Ory Segal (Sep 11)
- RE: HEAD request Levenglick, Jeff (Sep 11)
- RE: HEAD request balaji . v (Sep 11)
- RE: HEAD request Ory Segal (Sep 11)
- Re: HEAD request Rogan Dawes (Sep 11)