How would you judge if a remote server is running IIS or Apache?
Answers were Sorted based on User's Feedback
Answer / chaitanya
Error messages oftentimes giveaway what the server is running, and many times if the website administrator has not set up custom error pages for every site, it can give it away as simply as just entering a known bad address. Other times, just using telnet can be enough to see how it responds. Never underestimate the amount of information that can be gained by not getting the right answer but by asking the right questions.
Is This Answer Correct ? | 5 Yes | 0 No |
Answer / gaurav
Penetration testing techniques can easily reveal from a website which of the ports, operating systems and web servers are running. For Instance, Nikto and Owasp-Zed are two methods of doing this.
Is This Answer Correct ? | 1 Yes | 0 No |
1. Assume that passwords are selected from four-character combination of 26 alphabetic characters. Assume that an adversary is able to attempt passwords at a rate of one per second. a. Assuming no feedback to the adversary until each attempt has been completed, what is the expected time to recover the correct password? b. Assuming feedback to the adversary flagging an error as each incorrect character is entered, what is the expected time to discover the correct password?
What is the difference between a virus and a trojan?
0 Answers Tavant Technologies, Zensar,
How would you login to Active Directory from a Linux or Mac box?
What is an easy way to configure a network to allow only a single computer to login on a particular jack?
What is the CIA triangle?
You are remoted in to a headless system in a remote area. You have no physical access to the hardware and you need to perform an OS installation. What do you do?
What is the difference between closed-source and open-source? Which is better?
Does indexing slow down computer?
You find out that there is an active problem on your network. You can fix it, but it is out of your jurisdiction. What do you do?
What is the difference between a vulnerability and an exploit?
What are salted hashes?
How would you compromise an “Office Workstation” at a hotel?