Hi, Jeremiah Grossman gave a presentation at Seattle Blackhat 03 that may shed some light on this...in particular he covers using OPTIONS as unique identifiers. http://www.blackhat.com/presentations/bh-asia-02/bh-asia-02-grossman.pdf Thanks, -scm RH:Rick Hoekman RH>Anyone know if there are tools to fingerprint webservers that do not RH>give away their type and version? RH> RH>As far as I know there is a paper/thesis on one tool called HMAP.pl. You RH>can read it here http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf RH> RH>Thanks! RH> RH>Rick RH> RH> -------------------------------------------------------------- Costs are climbing and complaints are rising as SPAM overloads your e-mail servers and Inboxes SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. http://www.securityfocus.com/SurfControl-pen-test2 Download a free trial and see just what's going in and out of your organization. --------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri Apr 11 2003 - 10:30:53 PDT