Home page logo

pen-test logo Penetration Testing mailing list archives

RE: HEAD request
From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 11 Sep 2006 15:59:02 -0400

-----Original Message-----
Subject: HEAD request

When I issue HEAD request using nc I don't get any response from the
webserver and I get disconnected 
after some time.
What should i conclude from that?Does it mean that the administrator has
blocked HEAD requests?

Probably not.  If the HEAD method is disabled in the web server, it would
normally issue a 405 error.  It sounds more like an in-line proxy control.
The silent drop without error sounds like maybe a Symantec firewall.  Hard
to say without more detail, though.  It's not likely (since HEAD is a pretty
simple request type), but you can't rule out the possibility of a
configuration/code error on the web server itself.


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]