How would you judge if a remote server is running IIS or Apache?
Answers were Sorted based on User's Feedback
Answer / chaitanya
Error messages oftentimes giveaway what the server is running, and many times if the website administrator has not set up custom error pages for every site, it can give it away as simply as just entering a known bad address. Other times, just using telnet can be enough to see how it responds. Never underestimate the amount of information that can be gained by not getting the right answer but by asking the right questions.
Is This Answer Correct ? | 5 Yes | 0 No |
Answer / gaurav
Penetration testing techniques can easily reveal from a website which of the ports, operating systems and web servers are running. For Instance, Nikto and Owasp-Zed are two methods of doing this.
Is This Answer Correct ? | 1 Yes | 0 No |
What is the difference between a Black Hat and a White Hat?
I’m the CEO of a Fortune 500 company. I make more in an afternoon than you make in a year. I don’t care about this stupid security stuff, it just costs time and money and slows everything down. Why should I care about this junk?
What is the difference between a virus and a trojan?
0 Answers Tavant Technologies, Zensar,
What is your opinion on hacktivist groups such as Anonymous?
What are the three ways to authenticate a person?
Why are internal threats oftentimes more successful than external threats?
On a Windows network, why is it easier to break into a local account than an AD account?
1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
What’s better, a red team or a blue team?
Why would you want to use SSH from a Windows pc?
What is XSS?
What is worse in Firewall Detection, a false negative or a false positive? And why?