Home page logo

pen-test logo Penetration Testing mailing list archives

Re: HEAD request
From: "berg" <zealberg () 163 com>
Date: Mon, 11 Sep 2006 13:49:07 +0800

the params of HEAD request is same as that of GET/POST request

request text as follow:

Host: www.sample.com
Connection: close

the response message from web server will be something like this:

HTTP/1.1 200 OK
Date: Mon, 11 Sep 2006 05:21:20 GMT
Server: Apache/1.3.34 (Unix)
Content-Location: index.html.en
Vary: negotiate,accept-language,accept-charset
TCN: choice
Last-Modified: Thu, 06 Jan 2005 12:11:39 GMT
ETag: "38a94-5b0-41dd2afb;44a4fd43"
Accept-Ranges: bytes
Content-Length: 1456
Connection: close
Content-Type: text/html
Content-Language: en

If there is no response from web server, perhaps the administrator blocked the HEAD request method

Best Regards
----- Original Message ----- 
From: "vijay shetti" <vijay.shetti () gmail com>
To: <pen-test () securityfocus com>
Sent: Saturday, September 09, 2006 4:13 PM
Subject: HEAD request

Hello all!!!

I am doing assessment of a web server

When I issue HEAD request using nc I don't get any response from the webserver
and I get disconnected after some time.
What should i conclude from that?Does it mean that the administrator has blocked
HEAD requests?


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]