[LINK] More on spamming from the PMs son's company

rchirgwin at ozemail.com.au rchirgwin at ozemail.com.au
Sat Aug 28 18:54:19 EST 2004 

Stil; many thanks; I feared as much! It's notable that 
rentrort.netharbour.com.au has now been removed, although 
www.rentrort.com.au which is hosted at the same IP address is still 
"up". That's got to be one of the clumsiest coverups I can recall!

RC

Stilgherrian wrote:

> At 12:51 +1000 28/8/04, rchirgwin at ozemail.com.au wrote:
>
>> Question: are there tools to identify which domains are being hosted 
>> by "server X", if you don't already know the name of the domain?
>>
>> If (for eg) I see that rentrorts.com.au is at the same IP as Net 
>> Harbour, it's easy to surmise that NH is hosting rentrorts.com.au. 
>> But how would one discover what other Liberal Party fronts are hosted 
>> from the same location?
>
>
> Alas, it can't be done due to the way the web works. The only way 
> would be a brute-force trawl through some list of domains and build up 
> a database.
>
> The list of domains a particular server will respond to is part of the 
> web server software's configuration, but there's no command in the 
> HTTP protocol to query that configuration from "outside" the server -- 
> at least not in the way you need. Indeed, you wouldn't want there to 
> be, because that configuration contains information about the way 
> things are set up on the server which might be useful to potential 
> intruders.
>
> Specifically, this is how it works...
>
>   * The user's computer will use DNS to figure out that the HTTP
>     request for www.somedomain.com needs to be sent to the computer
>     at IP address aaa.bbb.ccc.ddd.
>
>   * The user's web browser sends an HTTP request to that IP address
>     which is, literally, "GET http://www.somedomain.com".
>
>   * The web server responds by sending back the relevant file (in
>     this case the default page for that domain), or an error to the
>     effect that the domain isn't hosted there.
>
> That said, the tools *may* exist to do this. With all the databases 
> around like the Netcraft web server survey...
>
>     http://news.netcraft.com/
>
> ... it would certainly be possible to query those databases and 
> generate the list. Whether the owners of those databases provide that 
> facility in their yser interface is another question. :)
>
> HTH,
>
> Stil
>
>

More information about the Link mailing list