Anyone, what is HTTP Fingerprinting and how can I use CGI to prevent it?
Printable View
Anyone, what is HTTP Fingerprinting and how can I use CGI to prevent it?
Google is your friend.
I feel lucky
Pretty easy to prevent detection.
I should refer the OP to my article on ProjectZ.org which contains a discussion of HTTP fingerprinting.
You can't prevent it too easily with CGI, your best bet is to install third party web server plugins, or use a load/balancer or other redirector of some kind to obfuscate your headers.
The article is here
Slarty
Hi all,
A great article and tool for HTTP fingerprinting
http://net-square.com/httprint/httprint_paper.html
HMAP
http://ujeni.murkyroc.com/hmap/
HMAP: A Technique and Tool For Remote Identification of HTTP fingerprinting
http://seclab.cs.ucdavis.edu/papers/hmap-thesis.pdf
Detecting and Defending against Web-Server Fingerprinting
http://acsac.org/2002/papers/96.pdf
No method available for counter measure through CGI.
currently i m doing project on effective methods for HTTP fingerprinting and for their countermeasures and in that regard i have written a tool that is still in its beta phase.
Thanks