Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Virtual IP addresses

from [Jon Hart] Network Security [Permanent Link]
Subject: Re: Virtual IP addresses
Date: Wed, 22 Feb 2006 19:30:45 -0500 
On Wed, Feb 22, 2006 at 09:32:58PM +0100, thomas springer wrote:

Joshua,

If you mean to find virtual hosts for an ip:

You might want to try http://www.serversniff.net/get-hostonip.php.
Enter a hostname, e.g. www.hostname.com or an ip like 64.15.205.244 to
find other hostnames and domains living on this ip.

You might also stop by at whois.sc - but their scope used to be limited
to a few tlds.

Another bet is to try https://<ipnum> - If there is a https-server
living on this host, your browser will present you the domainname of
the certificate.


Another idea along those lines would be to try both HTTP/1.0 and
HTTP/1.1, notably HTTP/1.1 with a fake Host header.

I'm not sure what the result will be with ISA, but it is worth a shot.

Also, maybe check out the headers that are returned by the server --
that may give you some clues: `GET -dSe ip.address.here`

-jon

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!" 
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world 
examples of recent hacking methods such as: SQL Injection, Cross Site 
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Virtual IP addresses, foo
Next by Date:  DEF CON 14 is now in effect! The Call for Papers is open., Jeff Moss
Previous by Thread:  Re: Virtual IP addresses, thomas springer
Next by Thread:  Re: Virtual IP addresses, Hemil
Indexes:  [Date] [Thread] [Top] [All Lists]