Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: HEAD request
From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 11 Sep 2006 15:59:02 -0400

-----Original Message-----
Subject: HEAD request

When I issue HEAD request using nc I don't get any response from the
webserver and I get disconnected 
after some time.
What should i conclude from that?Does it mean that the administrator has
blocked HEAD requests?

Probably not.  If the HEAD method is disabled in the web server, it would
normally issue a 405 error.  It sounds more like an in-line proxy control.
The silent drop without error sounds like maybe a Symantec firewall.  Hard
to say without more detail, though.  It's not likely (since HEAD is a pretty
simple request type), but you can't rule out the possibility of a
configuration/code error on the web server itself.

PaulM


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault