[Tfug] [WAs digest] Innocuous/ubiquitous service(s)?

Zack Breckenridge zbrdge at gmail.com
Sat Apr 13 16:47:45 MST 2013


Your description made me think of this:

https://github.com/stealth/sshttp

Stable? Not sure. I've never actually used it.

It sounds like one of the crucial factors in your decision is the client
code. For example, I think you could make a simple apache module that
throws up a custom banner before waiting for an HTTP request. For example,
"HELLO IM <IP ADDR>".
But if you plan on connecting with a browser, this might break the client.

*If* you control the client code, then it probably isn't that big of a deal.

On Apr 13, 2013 3:04 AM, "Bexley Hall" <bexley401 at yahoo.com> wrote:
>
> Hi Shanna,
>
>
> On 4/10/2013 10:46 PM, shanna leonard wrote:
>>
>>
>> ------------------------------ Message: 4 Date: Wed, 10 Apr 2013
>> 12:51:05 -0700 From: Zack Williams <zdwzdw at gmail.com> To: Tucson Free
>> Unix Group <tfug at tfug.org> Subject: Re: [Tfug] Innocuous/ubiquitous
>> service(s)? Message-ID:
>>
>> On Wed, Apr 10, 2013 at 12:46 PM, Bexley Hall <bexley401 at yahoo.com>
wrote:
>>>>
>>>> - "unsurprising" if run on a "non-standard" port (e.g., running
>>>> HTTPd on port 3422 would raises eyebrows)
>>>>
>>> alt-port HTTP is pretty common.
>>
>>
>> How about alt-port http over ssl/tls (https) ?
>> common, easy to differentiate (by cert ?)
>
>
> I understand your point.  But, you (client) would hardly ever *notice*
> that sort of difference/differentiation.
>
> The problem with HTTPd is it expects *content* created/selected by
> the hosting entity.  I.e., if you deployed apache OotB AND DID NOTHING
> ELSE, there would be scads of sites serving up:
>    "It Worked! The Apache Web Server is installed on this Web Site!
>
>    "If you can see this page, then the people who own this
>    domain have just installed the Apache Web server software
>    successfully. They now have to add content to this directory
>    and replace this placeholder page, or else point the server
>    at their real content.
> etc.
>
> Of course, the reason you *don't* see scads of these is because the
> folks deploying apache *want* to serve up their own content (and not
> some pre-canned pages).  I.e., *they* ensure their (IP,port) yields
> a service differentiated from other folks'.
>
> The problem with HTTPd is that it doesn't *create* or *relay*
> content so *can't* differentiate itself from other instances.
> (I guess one could permute something like "Lorem ipsum dolor sit
> amet, consectetur adipisicing..." but that's hardly any better than
> just generating random sequences of *digits*  :< )
>
> By contrast, something like NTP "generates" its own "content"
> (i.e., the content isn't *expected* to differ conceptually from
> one site to another).
>
> But, NTP really wants to sit on a well-known port... far moreso
> than a web server!
>
> <frown>
>
> I have a couple of ideas from colleagues that I am exploring that
> might give me what I want -- albeit a bit of a kludge...  :-/
> I have some legal concerns over one of the approaches suggested
> so I'll have to research that before getting too committed.
>
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20130413/cb2880b8/attachment-0002.html>


More information about the tfug mailing list