[Zope] VHM followup... an open proxy probe?

Jamie Heilman jamie@audible.transient.net
Sat, 15 Mar 2003 14:37:18 -0800

Dylan Reinhardt wrote:
> Looking over the Apache logs a bit more carefully, I can see several 
> requests of the form:
> http://www.virtualhost.com/misc_/SiteAccess/VirtualHostMonster.gif
> and
> http://www.virtualhost.com/p_/zopelogo_jpg
> Both of which will return graphics positively identifying your server as 
> Zope unless you've taken measures to the contrary.  Oops.

Hmm.  There are million ways to fingerprint zope, I suppose those are
as good as any.  But check out OFS/Application.py for nice fat sack of
ideas.  This is why I really want a tool that I can use to expose
every possible object available for request that includes what you can
obtain via acquisition.  It would making locking down a zope
installation much easier.
> Around the same times as the probes for site/vhm//, there were several 

Thats pretty interesting... assuming they'd find the vhm object...
what is there to do with it?  I actually tried doing stuff like that a
long time ago but I couldn't come up with anything useful to do with
it, maybe I missed something.  I do tend to use a random string
generator when naming objects that have no direct traversal value
though, I figure it can't hurt.

I looked through my logs for the past week, I didn't see any similar
signs of curiosity apart from my own attempts.

Jamie Heilman                   http://audible.transient.net/~jamie/
"Paranoia is a disease unto itself, and may I add, the person standing
 next to you may not be who they appear to be, so take precaution."
						-Sathington Willoughby