|
Full Disclosure
mailing list archives
Re: In ur server-status
From: Alessandro Fiorenzi <a.fiorenzi () infogroup it>
Date: Mon, 23 Jul 2007 13:21:16 +0200
Well I find is more serious to find /server-info availabable on one of
thats,
you could rebuild some important information on the apache
configuration, modules, directives, etc..
Alessandro Fiorenzi
On Sat, 2007-07-21 at 22:53 -0500, Todd Troxell wrote:
Noticing lots of admins tend to forget about /server-status, I typed at random:
http://www.cnn.com/server-status
http://www.webshots.com/server-status
http://www.download.com/server-status
http://slashdot.org/server-status
I am sure there are ten billion others. In some cases this is worse than
someone grabbing your access log.
------------------------------------------------------------------------------------
INFOGROUP S.P.A http://www.infogroup.it
Gruppo Banca CR Firenze
http://www.carifirenze.it
------------------------------------------------------------------------------------
Dott. Fiorenzi Alessandro
Security Project & Management
Consulente Tecnico Trib. Firenze - Sicurezza Informatica -
Albo consulenti ed esperti CCIAA Firenze
Socio CLUSIT, ALSI
Member of IEEE Computer Society
Tel : +390554365742
CE : +393356414477
@Email : a.fiorenzi () infogroup it
@Email : Security.Management () infogroup it
PGP Key: http://www.infogroup.it/ds/fiorenzi.asc
------------------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
Intro
