[Zope] VHM followup... an open proxy probe?
Jamie Heilman
jamie@audible.transient.net
Sat, 15 Mar 2003 14:37:18 -0800
Dylan Reinhardt wrote:
> Looking over the Apache logs a bit more carefully, I can see several
> requests of the form:
>
> http://www.virtualhost.com/misc_/SiteAccess/VirtualHostMonster.gif
> and
> http://www.virtualhost.com/p_/zopelogo_jpg
>
> Both of which will return graphics positively identifying your server as
> Zope unless you've taken measures to the contrary. Oops.
Hmm. There are a million ways to fingerprint zope, I suppose those are
as good as any. But check out OFS/Application.py for a nice fat sack of
ideas. This is why I really want a tool that I can use to expose
every possible object available for request that includes what you can
obtain via acquisition. It would make locking down a zope
installation much easier.
> Around the same time as the probes for site/vhm//, there were several
That's pretty interesting... assuming they'd find the vhm object...
what is there to do with it? I actually tried doing stuff like that a
long time ago but I couldn't come up with anything useful to do with
it, maybe I missed something. I do tend to use a random string
generator when naming objects that have no direct traversal value
though, I figure it can't hurt.
I looked through my logs for the past week; I didn't see any similar
signs of curiosity apart from my own attempts.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
next to you may not be who they appear to be, so take precaution."
-Sathington Willoughby
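The log check the two of them are describing, written out as an added example that is not code from this thread or from Zope itself: it scans Apache combined-format access log lines for the two fingerprint paths Dylan quoted (/misc_/SiteAccess/VirtualHostMonster.gif and /p_/zopelogo_jpg) and for the site/vhm// style probes Jamie mentions, groups hits by source address, and separately reports which fingerprint paths the server actually answered with a 200, since a 404 means the image has already been hidden. The log lines are constructed for illustration, the `/vhm/` substring match for VirtualHostMonster probes is an assumption, and the function names are mine.

```python
"""Scan Apache combined-format access log lines for Zope fingerprint probes.

Added example, not part of the original thread or of Zope. The fingerprint
paths are the two quoted in the thread; the '/vhm/' pattern is an assumption
about what a site/vhm// probe looks like in the log. SAMPLE_LOG is constructed.
"""
import re
from collections import defaultdict

# Stock Zope image paths: a 200 on either one positively identifies the server
# as Zope (both paths taken from the thread). Matched as a substring of the
# request path so probes against any virtual host or sub-folder still count.
FINGERPRINT_PATHS = (
    "/misc_/SiteAccess/VirtualHostMonster.gif",
    "/p_/zopelogo_jpg",
)

# Apache combined log: ip ident user [time] "METHOD path proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: \S+)?" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_line(line):
    """Return the named fields of one log line, or None if it doesn't parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(path):
    """Label a request path as 'fingerprint', 'vhm-probe', or None."""
    for fp in FINGERPRINT_PATHS:
        if fp in path:
            return "fingerprint"
    # Assumption: a probe for the VirtualHostMonster looks like .../vhm/ or
    # .../vhm// in the request path (the thread mentions site/vhm//).
    if re.search(r"/vhm/", path):
        return "vhm-probe"
    return None


def find_probes(lines):
    """Return {ip: {label: [(status, path), ...]}} for probe-looking requests."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        label = classify(rec["path"])
        if label:
            hits[rec["ip"]][label].append((rec["status"], rec["path"]))
    return {ip: dict(labels) for ip, labels in hits.items()}


def exposed(lines):
    """Fingerprint paths the server answered with 200, i.e. identity leaked."""
    paths = set()
    for line in lines:
        rec = parse_line(line)
        if rec and classify(rec["path"]) == "fingerprint" and rec["status"] == "200":
            paths.add(rec["path"])
    return sorted(paths)


# Constructed sample: one scanner hits both fingerprint images and then tries
# the vhm path; a normal visitor fetches index_html; one line is junk.
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Mar/2003:10:01:02 -0800] "GET /misc_/SiteAccess/VirtualHostMonster.gif HTTP/1.0" 200 1432 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [15/Mar/2003:10:01:03 -0800] "GET /p_/zopelogo_jpg HTTP/1.0" 200 2340 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [15/Mar/2003:10:01:05 -0800] "GET /site/vhm// HTTP/1.0" 404 210 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [15/Mar/2003:10:02:00 -0800] "GET /index_html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    "this is not a log line",
]

if __name__ == "__main__":
    for ip, labels in find_probes(SAMPLE_LOG).items():
        for label, reqs in labels.items():
            for status, path in reqs:
                print(f"{ip} {label} {status} {path}")
    print("fingerprint paths still served:", exposed(SAMPLE_LOG))
```

Run it against a real log with `find_probes(open("access_log"))`; anything in `exposed()` is a path the server is still willing to serve, and the source addresses in `find_probes()` that hit both images and then try vhm paths are the ones worth watching.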