<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Security Incidents: Re: Scanners using netcraft?

Re: Scanners using netcraft?

From: mea culpa <jericho_at_DIMENSIONAL.COM>
Date: Mon, 10 Jan 2000 15:24:48 -0700

> Hi,
>
> netcraft.com routinely scans web sites and publish their
> survey of http server software. See http://www.netcraft.com/.
> They also scan port 443 (https) for the same reasons, and I've
> seen them try to do DNS zone transfers although not recently.
> I don't think their activity is harmful, probably just an
> unrelated event.

It should be noted that Netcraft *could* be used for this quite trivially.
A user can pass any third party web server to the Netcraft query engine
(even via lynx and a single command) and find out the resulting server. So
a quick script to check entire class C networks would be trivial to write,
grep out a specific server, then throw attacks at them.

http://www.netcraft.com/whats/
Received on Jan 10 2000

This message: [ Message body ]
Next message: Thomas Molina: "Re: Attacks from cr595282-a.hnsn1.on.wave.home.com [24.112.41.167]"
Previous message: Filip M. Gieszczykiewicz: "Update: other depts attacked"
In reply to: Eric Cholet: "Re: Scanners using netcraft?"
Next in thread: Al Huger - Mail Account: "Re: Scanners using netcraft?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos