From: Pratt, Benjamin E. (bepratt@stcloudstate.edu)
Date: Fri Feb 06 2004 - 08:44:33 EST
Hello -
Webmin isn't only available to the localhost by default, although it
could be made that way. By default Webmin sets up to run on HTTP port
10000 but most admins, and by default if you have SSL installed and use
Mandrake (and probably others) Webmin will run via HTTPS.
Good luck,
Ben
-----Original Message-----
From: Wu Fei Liang [mailto:cms01017@cms.ac]
Sent: Tuesday, February 03, 2004 11:25 AM
To: pen-test@securityfocus.com
Subject: Remote connection to Webmin Service (Port 10000)
Hello everyone!
I'm currently doing an security audit on a company as a "newbie". After
scanning the host I leared that several ports were open - including the
Webmin Port. I tried to connect via Browser to this port but the
operation
timed out. I believe that it is due to the fact that the Webmin Service
is
only available to the localhost. But I am wondering why I was able to
connect
with telnet and download the login-page of Webmin. A simple wget would
do the
same thing.
Can anybody give me some advice and explain why this is that way?
Thx a lot in advance
Kind regards
-- -------------------------------------------------------------- WU Fei Liang Computer & Media Security University of Applied Sciences 4232 Hagenberg, Austria [ Intership ] weigl interservice - http://www.weigl.de [ Mail work ] f.wu@weigl.de [ Mail priv ] wu_fei_liang@cms.ac [ Public-Key ] http://pgp.mit.edu:11371/pks/lookup?search=0xC5633638&op=index -------------------------------------------------------------- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:48 EDT