Reset Search
 

 

Article

Dragon: Is Dragon IPS vulnerable to HTTP Header Queries?

« Go Back

Information

 
TitleDragon: Is Dragon IPS vulnerable to HTTP Header Queries?
Question
Is Dragon IPS vulnerable to HTTP Header Queries?
Environment
  • Dragon v7.x
  • Dragon v8.x
Answer
The Dragon web interface only runs https on port 9443. Querying port 80 or 8080 should not return any information. Connecting to port 9443 should prompt for a login screen.

Taking this one step further, if you attempted to retrieve the http header from the CLI with wget, you would also get 'no headers'.   For example:

wget --save-headers 10.58.27.190:9443
--13:40:29-- http://10.58.27.190:9443/
=> `index.html'
Connecting to 10.58.27.190:9443... connected.
HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
Length: unspecified
[ <=> ] 7 --.--K/s
13:40:29 (346.88 KB/s) - `index.html' saved [7]
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255