RE: Unusual Web Server

From: Noonan, Wesley (Wesley_Noonan@bmc.com)
Date: Tue Jul 08 2003 - 15:37:21 EDT


I think that might be a Netscreen Proxy/Firewall. HTH

Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+
Senior QA Rep.
BMC Software, Inc.
(713) 918-2412
wnoonan@bmc.com
http://www.bmc.com

> -----Original Message-----
> From: charrin2@maine.rr.com [mailto:charrin2@maine.rr.com]
> Sent: Tuesday, July 08, 2003 13:46
> To: pen-test@securityfocus.com
> Subject: Unusual Web Server
>
> All,
>
> I have found a web server that I cannot identify. It is listening on port
> 5050. When I telnet to it I get:
>
> telnet host.foobar.com 5050
> Trying 10.10.10.10...
> Connected to host.foobar.com.
> Escape character is '^]'.
>
> HTTP/1.1 400 Bad Request
> Date: Tue, 8 July 2003 14:59:05
> Server: Web/R5_2_2
>
> 400 Bad Request
> Connection closed by foreign host.
>
>
> If I try to browse to it I am prompted for a username / password. After
> entering the wrong password I get the ususal 401 unauthorized. The default
> page is layout.html
>
> Any help would be appreciated.
>
> --Chris
>
>
>
> --------------------------------------------------------------------------
> -
> The Lightning Console aggregates IDS events, correlates them with
> vulnerability info, reduces false positives with the click of a button,
> anddistributes this information to hundreds of users.
>
> Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> more.
> --------------------------------------------------------------------------
> --

---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.

Visit Tenable Network Security at http://www.tenablesecurity.com to learn
more.
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:35 EDT