Some More Methods To Grab Banners



Some More Methods To Grab Banners
I hope you enjoyed reading last post on banner grabbing. Here in this post we will discus some tools that can be used to grab banners and we will also have our look on some of the tools that can be used for preventing our banners from getting grabbed. Following are some tools that helps in banner grabbing.



NetCat:
Net-Cat is TCP/IP debugging tool that can be used for banner grabbing. Download Netcat from its official site, its free. Have a look on its documentation about how to use it. Following command works same as telnet for netcat and helps grabbing banner.

C:\netcat\>nc ip_address 80
(Press enter twice and if it doesn't work then type following)
(HEAD /HTTP/1.0 and press enter twice)

Httprint:
Httprint is web server finger printing tool. It uses server signature to identify version of web application running on server. Download it from its official site again its free. I don't think there is need to explain how it works since their own help documentation is very small and easy to understand. Give it a try if you still don't understand how to use it ask me. I'll include a new post on it.

Miart HTTP Header:
Miart HTTP Header tool identifies banner information from HTTP Header and response type. Using it doesn't require any skill just enter URL in input box and press enter.

Prevention Against Banner Grabbing:

Preventing Apache Server And Its Derivative:
We can't say that there is some tool or specific method available via which we can stop banner of Apache from getting grabbed but if you'll have a look on its documentation, you'll find its not even difficult either. Actually full information about Apache and its derivative related problems and their solutions is included in their documentation and they differ for each version. Since they differ for each version I 'll recommend read its documentation to stop Apache giving out valuable information.

Preventing IIS Server:
IIS shares some advantages over Apache since various tools are available that help IIS server to defend itself against banner grabbing.

IIS Lockdown:
Its works by turning off unnecessary features thus providing multiple layer protection. Download it from www.microsoft.com.

Server Mask:
Server Mask removes every detail from website about it is using IIS server including removing all finger printing traces. It removes HTTP headers and also encrypts signatures thus providing protection against signature based banner grabbing.

Page Xchanger:
It is content negotiation tool. It cleans all URLs from extensions and hence make them appear more clear and navigable. It negotiates with every file and extension making site more secure since your site will show nothing about files, extensions and default error messages.

Comments

Post a Comment

Popular posts from this blog

Attacks Against Weak Token Generation

Attacks Against Weak Token Generation During our last post to this we discusses about basics of Session Management Attack which is also known as session hacking. In this post we will have a look on how you can attack weak token generation method to attack session management. Following are most common methods of generating weak tokens, Using meaningful tokens Predictable token generation Adding time dependent variations in tokens Now some important things before we discus real hack steps. In applications that use standard cookie mechanism for transmitting session tokens, it is easy to identify which item of data contains the token. In other cases it needs real brain work to identify them. Many web developers add extra tokens to cookies to fool hackers for example an application might add 14 tokens to yours browser's store, out of which only six are responsible for session management no matter what value other eight have only six of them will hand...
Read more

Some Terminologies You Should Know About Trojans

Image
Some Terminologies You Should Know About Trojans in this following post we will discus some most frequently used terminologies that we usually hear when word Trojan pops out. They are discussed here because after knowing them you'll be able to understand how attacker manages to circulate RAT server, hide its presence and also bypasses firewall rules. Over And Covert Channel: A channel here describes means of communication. An overt channel means legal, obvious or known where as covert means hidden and concealed. In other words overt means legal means of communication whereas covert means illegal means of communication. In technical terms overt channel follows rules by TCP/IP suite where as covert channel exploit weakness of TCP/IP model for illegal communication. Wrappers: Wrappers are programs that helps binding two files together. They can bind either multiple files of same extension or multiple files with multiple extension. Wrappers are ...
Read more

Nmap Scanning

Image
Nmap best known as hacker’s best friend may it be ethical or criminal is one of the best known network scanners available today. Today nearly each and every hacker uses nmap as network scanning tool and even pen-testing tools are bundled with Nmap as basic port scanning tool. Nmap can scan network, ports, services and also garb OS. This tutorial is written keeping this in mind that everyone should be able to grasp all commands and switches given in this tutorial in single reading. Do you think it’s impossible so why not give a try. First we divide switches into four types, 1.Synchronous Scans 2.Ping Scans 3.Time Scans 4.Output Type Synchronous Scan :All synchronous scans start with “-s”(without quotes), note that the ‘s’ denoting synchronous is not capital. Now a basic synchronous scan command is written as follows, nmap -s[synchronous scan type] ip_address ---------------------------------------------- -sT Synchronous TCP scan -sS Synchronous Stea...
Read more