HTTP finger printing
Results 1 to 5 of 5

Thread: HTTP finger printing

  1. #1
    Junior Member
    Join Date
    Jun 2004
    Posts
    3

    HTTP finger printing

    Anyone, what is HTTP Fingerprinting and how can I use CGI to prevent it?
    The Equalizer

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Google is your friend.

    I feel lucky

  3. #3
    Junior Member
    Join Date
    Dec 2003
    Posts
    12
    Pretty easy to prevent detection.

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    I should refer the OP to my article on ProjectZ.org which contains a discussion of HTTP fingerprinting.

    You can't prevent it too easily with CGI, your best bet is to install third party web server plugins, or use a load/balancer or other redirector of some kind to obfuscate your headers.

    The article is here

    Slarty

  5. #5
    Senior Member
    Join Date
    May 2004
    Posts
    274

    HTTP fingerprinting

    Hi all,

    A great article and tool for HTTP fingerprinting
    http://net-square.com/httprint/httprint_paper.html

    HMAP
    http://ujeni.murkyroc.com/hmap/

    HMAP: A Technique and Tool For Remote Identification of HTTP fingerprinting
    http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf

    Detecting and Defending against Web-Server Fingerprinting
    http://acsac.org/2002/papers/96.pdf

    No method available for counter measure through CGI.

    currently i m doing project on effective methods for HTTP fingerprinting and for their countermeasures and in that regard i have written a tool that is still in its beta phase.

    Thanks
    Excuse me, is there an airport nearby large enough for a private jet to land?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •