Re: Telnet and Apache

From: Dickon Newman (dnewman@skylan.net)
Date: 08/08/02 

From: "Dickon Newman" <dnewman@skylan.net>
To: "Maccy" <maccy@maccomms.co.uk>
Date: Thu, 8 Aug 2002 08:32:31 -0400

You can telnet to any open port on a machine, and run the command manually.

In terms of the web server, try telnetting in on port 80 (or whatever port
it is), and type anything. When I've done that with Apache, it returns,
"Unknown command" and then does you the liberty of telling you that it's an
Apache Server, and what version it is.

In httpd.conf you can set ServerSignature to Off. That will prevent the
simple discovery via telnet.

Can the telnetter do any malicious? They can perform all standard get and
post commands like a web browser would. But I believe the bad stuff will
only come where there are holes in that particular web server. (There's a
fix for one announced about a month ago).

(I think I hit all your questions one way or another)

Hope this helps,
Dickon...

----- Original Message -----
From: "Maccy" <maccy@maccomms.co.uk>
To: <security-basics@securityfocus.com>
Sent: Wednesday, August 07, 2002 7:53 AM
Subject: Telnet and Apache

>
> Hi all,
>
> I maintain a small number of Sun workstations running Solaris 2.6 and 8.
> Telnet has been switched off on all machines, ssh is now the only access
> method available.
>
> I notice I still can telnet to my web server - it times out, I guess using
> the 'KeepAlive' option. All of my apache stuff is owned by a non-root
> group (sscops).
>
> My security questions are:
> 1. What can someone do while connected to the web server ?
> 2. Can they make a malicious request and cause damage ?
> 3. Can they use it to circumvent our security ?
>
> I think we are okay(?) But I don't know enough about it to be sure. Can
> anyone advise further?
>
> With regards,
>
> Mark Mahabir
>
>
>
>

Quantcast