[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Question: Security through Obscurity with VHOSTS

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Question: Security through Obscurity with VHOSTS
From: James Tucker <jftucker@xxxxxxxxx>
Date: Sun, 1 May 2005 19:12:02 +0100

I know this isn't exactly full-disclosure, feel free to flame me if
you feel sufficiently petty.

Is there any way to remotely enumerate what VHOSTS are running on an
apache server?

As far as security through obscurity is concerned, false local DNS
records really are quite obscure.

Comments please.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Micky-dee's anyone?
Next by Date: Re: [Full-disclosure] Micky-dee's anyone?
Previous by thread: [Full-disclosure] [ GLSA 200505-01 ] Horde Framework: Multiple XSS vulnerabilities
Next by thread: Re: [Full-disclosure] Hotmail.com doesn't like russians, returns 500 internal server error.
Index(es):
- Date
- Thread