RE: HEAD request

From: Levenglick, Jeff (JLevenglick@fhlbatl.com)
Date: Mon Sep 11 2006 - 11:38:28 EDT


Not always. Someone could have it blocked on a proxy/firewall.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Ory Segal
Sent: Monday, September 11, 2006 4:42 AM
To: vijay shetti; pen-test@securityfocus.com
Subject: RE: HEAD request

Hi,

Have you tried any other HTTP methods? did they work?

Usually, if an HTTP method is not allowed, you should receive an error
message (e.g. 403).

-Ory Segal
Watchfire ( http://www.watchfire.com )
  

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of vijay shetti
Sent: Saturday, September 09, 2006 11:14 AM
To: pen-test@securityfocus.com
Subject: HEAD request

Hello all!!!

I am doing assessment of a web server

When I issue HEAD request using nc I don't get any response from the
webserver and I get disconnected after some time.
What should i conclude from that?Does it mean that the administrator has
blocked HEAD requests?

regards,
Vijay

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT