This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Enumerate Applications on Webserver (OTG-INFO-004)"
(→v3 Review Comments) |
|||
Line 20: | Line 20: | ||
== v3 Review Comments == | == v3 Review Comments == | ||
− | Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the | + | Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the application(s) we're assessing. IMHO.<br> |
+ | May this section should be renamed to something like "Discovery of web server services and web applications on a host". | ||
[[User:Rick.mitchell|Rick.mitchell]] 09:55, 3 September 2008 (EDT) | [[User:Rick.mitchell|Rick.mitchell]] 09:55, 3 September 2008 (EDT) |
Revision as of 13:59, 3 September 2008
NMAP Changes?
Hi, what do you think to change the nmap command, and the nmap site?
Latest nmap change some parameters like -P0 to -PN. -P0 is obsolete.
Sample command should be now: nmap –PN –sT –sV –p1-65535 192.168.1.100
If fact, nmap has the abilily to scan port number 0, so we can do better with:
nmap –PN –sT –sV –p0-65535 192.168.1.100
And the nmap site is nmap.org now. But www.insecure.org is still there.
cheers --Unusuario 15:36, 2 April 2008 (EDT)
v3 Review Comments
Similar to the previous section this section seems more like Service discovery than application discovery. We're still learning things about the server and not as much about the application(s) we're assessing. IMHO.
May this section should be renamed to something like "Discovery of web server services and web applications on a host".
Rick.mitchell 09:55, 3 September 2008 (EDT)