Telnet to Web Server?
Dave Hull
dphull at gmail.com
Fri Jun 13 08:15:59 CDT 2008
On Thu, Jun 12, 2008 at 6:07 PM, Geoffrion, Ron P [IT]
<Ron.Geoffrion at sprint.com> wrote:
>>>Is it necessarily considered poor web server configuration to be able to telnet into a webserver and pull off the server info?
>
> It is considered a security vunerability. By revealing OS/webserver version, you advertise potential attack vectors.
You are correct. It's an information leak, but I wouldn't necessarily
characterize it as a vulnerability. Some sites do alter the Server
header information in the response just to throw people off. It's
security through obscurity, but there's no harm in that so long as
that's not your only security control.
Here's one I like:
telnet isc.sans.org 80
GET / HTTP/1.1
HTTP/1.1 200 OK
Date: Fri, 13 Jun 2008 13:12:13 GMT
Server: nc -l -p 80
Note the server response. It's netcat. Good stuff.
--
Dave
More information about the Kclug
mailing list