RE: Scan virtual hosts
From: Bojan Zdrnja (Bojan.Zdrnja_at_LSS.hr)
Date: 08/25/05
- Previous message: Michael Boman: "Re: Scan virtual hosts"
- In reply to: Geert VAN ACKER: "Scan virtual hosts"
- Next in thread: bugtraq_at_soaninvest.com: "Re: Scan virtual hosts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Geert VAN ACKER'" <geert.vanacker@pandora.be>, <pen-test@securityfocus.com> Date: Thu, 25 Aug 2005 13:44:30 +1200
Geert,
> -----Original Message-----
> From: Geert VAN ACKER [mailto:geert.vanacker@pandora.be]
> Sent: Thursday, 25 August 2005 2:49 a.m.
> To: pen-test@securityfocus.com
> Subject: Scan virtual hosts
>
> Dear list,
>
> is it possible to enumerate all virtual hosts on a given IP
> address ? I
> prefer Linux soft.
As virtual hosts are defined just by a Host: header in client's request, I'm
pretty sure that there is no way (please let me know if there is!) to
enumerate virtual hosts from a remote machine.
The only way is to check the actual configuration file of the HTTP daemon,
for which you need local hosts access, of course.
If you know that only certain domain is hosted on a particular physical
machine, and if you can get the DNS zone for that domain, you can check
which hostnames' pointers go to that physical machine.
Cheers,
Bojan
-- Bojan Zdrnja, CISSP, RHCE Security Implementation Specialist Information Technology Systems and Services (ITSS) The University of Auckland, New Zealand
- Previous message: Michael Boman: "Re: Scan virtual hosts"
- In reply to: Geert VAN ACKER: "Scan virtual hosts"
- Next in thread: bugtraq_at_soaninvest.com: "Re: Scan virtual hosts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
