[Tfug] [WAs digest] Innocuous/ubiquitous service(s)?

TR trexx at pobox.com
Sat Apr 13 17:25:50 MST 2013


How about any of the database service ports like Oracle 1521 or SQL Server
1433


On Sat, Apr 13, 2013 at 4:47 PM, Zack Breckenridge <zbrdge at gmail.com> wrote:

> Your description made me think of this:
>
> https://github.com/stealth/sshttp
>
> Stable? Not sure. I've never actually used it.
>
> It sounds like one of the crucial factors in your decision is the client
> code. For example, I think you could make a simple apache module that
> throws up a custom banner before waiting for an HTTP request. For example,
> "HELLO IM <IP ADDR>".
> But if you plan on connecting with a browser, this might break the client.
>
> *If* you control the client code, then it probably isn't that big of a
> deal.
>
> On Apr 13, 2013 3:04 AM, "Bexley Hall" <bexley401 at yahoo.com> wrote:
> >
> > Hi Shanna,
> >
> >
> > On 4/10/2013 10:46 PM, shanna leonard wrote:
> >>
> >>
> >> ------------------------------ Message: 4 Date: Wed, 10 Apr 2013
> >> 12:51:05 -0700 From: Zack Williams <zdwzdw at gmail.com> To: Tucson Free
> >> Unix Group <tfug at tfug.org> Subject: Re: [Tfug] Innocuous/ubiquitous
> >> service(s)? Message-ID:
> >>
> >> On Wed, Apr 10, 2013 at 12:46 PM, Bexley Hall <bexley401 at yahoo.com>
> wrote:
> >>>>
> >>>> - "unsurprising" if run on a "non-standard" port (e.g., running
> >>>> HTTPd on port 3422 would raises eyebrows)
> >>>>
> >>> alt-port HTTP is pretty common.
> >>
> >>
> >> How about alt-port http over ssl/tls (https) ?
> >> common, easy to differentiate (by cert ?)
> >
> >
> > I understand your point.  But, you (client) would hardly ever *notice*
> > that sort of difference/differentiation.
> >
> > The problem with HTTPd is it expects *content* created/selected by
> > the hosting entity.  I.e., if you deployed apache OotB AND DID NOTHING
> > ELSE, there would be scads of sites serving up:
> >    "It Worked! The Apache Web Server is installed on this Web Site!
> >
> >    "If you can see this page, then the people who own this
> >    domain have just installed the Apache Web server software
> >    successfully. They now have to add content to this directory
> >    and replace this placeholder page, or else point the server
> >    at their real content.
> > etc.
> >
> > Of course, the reason you *don't* see scads of these is because the
> > folks deploying apache *want* to serve up their own content (and not
> > some pre-canned pages).  I.e., *they* ensure their (IP,port) yields
> > a service differentiated from other folks'.
> >
> > The problem with HTTPd is that it doesn't *create* or *relay*
> > content so *can't* differentiate itself from other instances.
> > (I guess one could permute something like "Lorem ipsum dolor sit
> > amet, consectetur adipisicing..." but that's hardly any better than
> > just generating random sequences of *digits*  :< )
> >
> > By contrast, something like NTP "generates" its own "content"
> > (i.e., the content isn't *expected* to differ conceptually from
> > one site to another).
> >
> > But, NTP really wants to sit on a well-known port... far moreso
> > than a web server!
> >
> > <frown>
> >
> > I have a couple of ideas from colleagues that I am exploring that
> > might give me what I want -- albeit a bit of a kludge...  :-/
> > I have some legal concerns over one of the approaches suggested
> > so I'll have to research that before getting too committed.
> >
> >
> > _______________________________________________
> > Tucson Free Unix Group - tfug at tfug.org
> > Subscription Options:
> > http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20130413/89599605/attachment-0002.html>


More information about the tfug mailing list