UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
September
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
Sponsored Links
Latest Postings
The History Thread...
by Gremelin
09/18/14 09:42 AM
Doom 3
by Cyrez
09/11/14 08:58 PM
Latest Reviews
Topic Options
Rate This Topic
#15106 - 03/08/02 02:41 PM Question about hacking (it is worng to hack)
ithinkimhappy Offline
Junior Member

Registered: 03/06/02
Posts: 4
Loc: massachuestts
ok you know if you every wanted to break into a website you need to the know the OS the computer is running off of?? i did a little test i picked any web site. opened telnet and connected through port 80 it connected but when i typed something in and press enter it gave me this.

HTTP/1.1 400 Bad Request
Server: Microsoft- IIS/5.0
Date:sat, 09 Mar 2002 00.32.48 GMT
content-type: text/html
content-length: 87

errorthe parameter is incorrect.

what does this mean??? does this tell me the OS (operating system)?
_________________________
no

Top
Sponsored Links
      
#15107 - 03/08/02 02:52 PM Re: Question about hacking (it is worng to hack)
thebluegiant Offline
Member

Registered: 03/02/02
Posts: 109
Quote:
Server: Microsoft- IIS/5.0
_________________________
"There is no end. There is no beginning. There is only the infinite passion of life."
--Fellini

Top
#15108 - 03/08/02 02:54 PM Re: Question about hacking (it is worng to hack)
Mornse Offline
Member

Registered: 03/03/02
Posts: 185
Loc: Vancouver
First off, what does this have to do with the title of this topic? heh, but I will answer your question anyways. You just received a lot of information! First, the server is running Windows, you can tell that because the server is using Microsoft-IIS/5.0 which is a Windows OS. You can probably guess it's using NT/2K because that's what most servers are using. Next, you know that it's running IIS 5.0 now so you can look for exploits for that server software. Also, you can get the timezone of the server, which doesn't really give you anything but it's an extra tid bit of information.
_________________________
Cha want some w***up?

http://www.dopeskill.com

Top
#15109 - 03/08/02 06:11 PM Re: Question about hacking (it is worng to hack)
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
hey they could be elite by installing wine and running iis :x
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#15110 - 03/08/02 06:26 PM Re: Question about hacking (it is worng to hack)
ithinkimhappy Offline
Junior Member

Registered: 03/06/02
Posts: 4
Loc: massachuestts
meaning??
_________________________
no

Top
#15111 - 03/08/02 06:53 PM Re: Question about hacking (it is worng to hack)
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
WINE makes it possible to run windows binarys in linux, therefore if one wanted they could run IIS in linux if they felt like it and configured it correctly.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#15112 - 03/09/02 06:32 PM Re: Question about hacking (it is worng to hack)
Mornse Offline
Member

Registered: 03/03/02
Posts: 185
Loc: Vancouver
But the chances of that are very slim because IIS isn't the greatest in the first place on windows, so why bother running it on Linux.
_________________________
Cha want some w***up?

http://www.dopeskill.com

Top
#15113 - 03/13/02 02:58 PM Re: Question about hacking (it is worng to hack)
nokil0 Offline
Junior Member

Registered: 03/13/02
Posts: 5
Loc: Hawaii/Cali
You may want to try running a port scan to see if the box has any open mail servers (almost def). Often times (even if the admin is smart), the true nature of the OS can be determined through these arbitrary ports.
ciao tuto
_________________________
:: nokil0 ::

Top
#15114 - 03/13/02 03:00 PM Re: Question about hacking (it is worng to hack)
nokil0 Offline
Junior Member

Registered: 03/13/02
Posts: 5
Loc: Hawaii/Cali
A side note to my last post; even if you can not get direct information the the open port itself, a finger print of sorts, is what specific ports (in all) are open. You can identify many machines by which ports have been enabled.
_________________________
:: nokil0 ::

Top
#15115 - 03/14/02 06:31 PM Re: Question about hacking (it is worng to hack)
hKzKnight Offline
Member

Registered: 03/12/02
Posts: 626
Loc: LAN
WINE is a sort of windows emulator. It is real nice. However my doubts that many people would run a server with WINE. It isn't as stable as I wish it would be. Especially for a use as a server, It still has glitches with some games but I like. Yet it is a good idea but slim. Really interesting stuff. Another nice thing is VMWARE and win4lin, win4lin would prob be used more then WINE if was to run a server. Just curious would it tell you (if used WINE) that it is a Win based OS? I would think not, but not sure. However I know it would if win4lin. Thanks.
_________________________
-hKzKnight
"The ghost... Was never there and you'll never see me"

Top
#15116 - 03/14/02 06:47 PM Re: Question about hacking (it is worng to hack)
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
rofl.. WINE (WINE Is Not an Emulator) heh..
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#15117 - 11/08/02 12:10 PM Re: Question about hacking (it is worng to hack)
LordPhatal Offline
Junior Member

Registered: 11/08/02
Posts: 1
I may be wrong, but if you were running WINE er Win4Lin etc. and you were running IIS I would think that the information that has been received would not reflect IIS. The reason being is that most of those types of programs run in a protected environment. The true OS running would actually be what replies to information requests like that. So my guess would be that if you see that the server has IIS5.0, it's a Winderz box.

Top
#15118 - 11/08/02 12:51 PM Re: Question about hacking (it is worng to hack)
jonconley Offline
UGN Super Poster

Registered: 10/08/02
Posts: 955
Loc: Merrill, IA, USA
My understanding is that you telnet to the port and the system it self is no longer responding, it is now whatever application may be listening at that port. This would be the webserver so it would reply the information. That is why it said bad request, it was the webserving expecting a HTTP command. Also, I am not sure about IIS but I remember reading something where you could just edit the response that apache would give. So if you wanted you could probably do the same with IIS or they atleast can prevent it giving out that information.
Again, I don't know if you can do it with IIS, but I know alot of server software allows you to customize it. So while it won't stop someone from being able to detect your OS, it will atleast stop yourself by being detected in a large portscan that grabs banners.

Top

Featured Member
Registered: 03/02/02
Posts: 136
Forum Stats
2148 Members
46 Forums
34540 Topics
69710 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 27702
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Tim050, Gecko666, defghi795767, Devo60, ali
2148 Registered Users
Who's Online
0 registered (), 381 Guests and 289 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!