I am pretty sure that is a Domino web server though I am not 100% sure. I would try using netcat http://www.atstake.com/research/tools/network_utilities/ instead of telnet. Many versions of telnet try to send a userid as part of the connection and I think that is why you are getting the "400 Bad Request" initially. A request to try: OPTIONS * HTTP/1.1 Host: host.foobar.com This will generally spill the beans. On Tuesday, July 8, 2003, at 11:45 AM, "" <charrin2at_private> wrote: > All, > > I have found a web server that I cannot identify. It is listening on > port > 5050. When I telnet to it I get: > > telnet host.foobar.com 5050 > Trying 10.10.10.10... > Connected to host.foobar.com. > Escape character is '^]'. > > HTTP/1.1 400 Bad Request > Date: Tue, 8 July 2003 14:59:05 > Server: Web/R5_2_2 > > 400 Bad Request > Connection closed by foreign host. > > > If I try to browse to it I am prompted for a username / password. After > entering the wrong password I get the ususal 401 unauthorized. The > default > page is layout.html > > Any help would be appreciated. > > --Chris > > > > ----------------------------------------------------------------------- > ---- > The Lightning Console aggregates IDS events, correlates them with > vulnerability info, reduces false positives with the click of a > button, anddistributes this information to hundreds of users. > > Visit Tenable Network Security at http://www.tenablesecurity.com to > learn > more. > ----------------------------------------------------------------------- > ----- > > --- Bill Pennington, CISSP, CCNA Chief Technology Officer WhiteHat Security Inc. http://www.whitehatsec.com --------------------------------------------------------------------------- The Lightning Console aggregates IDS events, correlates them with vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users. Visit Tenable Network Security at http://www.tenablesecurity.com to learn more. ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 14:26:59 PDT