Re: Unusual Web Server

From: R. DuFresne (dufresneat_private)
Date: Tue Jul 08 2003 - 14:07:12 PDT

Next message: Anthony R. Plastino III: "RE: Product review postings (was Administrivia)"

Previous message: Jens Mickerts: "AW: Unusual Web Server"
In reply to: charrin2at_private: "Unusual Web Server"
Next in thread: Muhammad Faisal Rauf Danka: "RE: Unusual Web Server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

google finds:

http://www.atomised.org/webserver.php?type=drill&id=160

whose results sugest this might be the gui managment console for the
Netscreen 5XP (OS 3.0.1r2)

Thanks,

Ron DuFresne

On Tue, 8 Jul 2003,  wrote:

> All,
> 
> I have found a web server that I cannot identify. It is listening on port
> 5050. When I telnet to it I get:
> 
> telnet host.foobar.com 5050
> Trying 10.10.10.10...
> Connected to host.foobar.com.
> Escape character is '^]'.
> 
> HTTP/1.1 400 Bad Request
> Date: Tue,  8 July 2003 14:59:05
> Server: Web/R5_2_2
>  
> 400 Bad Request
> Connection closed by foreign host.
> 
> 
> If I try to browse to it I am prompted for a username / password. After
> entering the wrong password I get the ususal 401 unauthorized. The default
> page is layout.html
> 
> Any help would be appreciated.
> 
> --Chris
> 
> 
> 
> ---------------------------------------------------------------------------
> The Lightning Console aggregates IDS events, correlates them with 
> vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
> 
> Visit Tenable Network Security at http://www.tenablesecurity.com to learn 
> more.
> ----------------------------------------------------------------------------
> 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with 
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn 
more.
----------------------------------------------------------------------------

Next message: Anthony R. Plastino III: "RE: Product review postings (was Administrivia)"
Previous message: Jens Mickerts: "AW: Unusual Web Server"
In reply to: charrin2at_private: "Unusual Web Server"
Next in thread: Muhammad Faisal Rauf Danka: "RE: Unusual Web Server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 16:15:25 PDT