Re: Unusual Web Server

From: R. DuFresne (dufresne@sysinfo.com)
Date: Tue Jul 08 2003 - 17:07:12 EDT

• Next message: Anthony R. Plastino III: "RE: Product review postings (was Administrivia)"
• Previous message: Jens Mickerts: "AW: Unusual Web Server"
• In reply to: charrin2@maine.rr.com: "Unusual Web Server"
• Next in thread: Muhammad Faisal Rauf Danka: "RE: Unusual Web Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

google finds:

http://www.atomised.org/webserver.php?type=drill&id=160

whose results sugest this might be the gui managment console for the
Netscreen 5XP (OS 3.0.1r2)

Thanks,

Ron DuFresne

On Tue, 8 Jul 2003, wrote:

> All,
>
> I have found a web server that I cannot identify. It is listening on port
> 5050. When I telnet to it I get:
>
> telnet host.foobar.com 5050
> Trying 10.10.10.10...
> Connected to host.foobar.com.
> Escape character is '^]'.
>
> HTTP/1.1 400 Bad Request
> Date: Tue, 8 July 2003 14:59:05
> Server: Web/R5_2_2
>
> 400 Bad Request
> Connection closed by foreign host.
>
>
> If I try to browse to it I am prompted for a username / password. After
> entering the wrong password I get the ususal 401 unauthorized. The default
> page is layout.html
>
> Any help would be appreciated.
>
> --Chris
>
>
>
> ---------------------------------------------------------------------------
> The Lightning Console aggregates IDS events, correlates them with
> vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
>
> Visit Tenable Network Security at http://www.tenablesecurity.com to learn
> more.
> ----------------------------------------------------------------------------
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!
---------------------------------------------------------------------------
The Lightning Console aggregates IDS events, correlates them with 
vulnerability info, reduces false positives with the click of a button, anddistributes this information to hundreds of users.
Visit Tenable Network Security at http://www.tenablesecurity.com to learn 
more.
----------------------------------------------------------------------------

• Next message: Anthony R. Plastino III: "RE: Product review postings (was Administrivia)"
• Previous message: Jens Mickerts: "AW: Unusual Web Server"
• In reply to: charrin2@maine.rr.com: "Unusual Web Server"
• Next in thread: Muhammad Faisal Rauf Danka: "RE: Unusual Web Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT