Mailing List Archive

Nessus plugin 15517
Hi everybody.

I think there is a problem in plugin number 15517. According to the source
code, it is stalled in the function recv until a timeout of three seconds
expires. If that happens, and the data received so far is only one byte
long, the plugin says Hacker Defender is installed in the scanned machine.

However, with a longer delay it is possible a complete answer could be
received. That happened to me scanning a web server: the plugin said Hacker
Defender was installed on port 443. A small program written by me, which
does the same as the plugin, but with a longer delay, revealed 3 seconds was
not enough time to receive a complete HTTP 400 response.

At first, I thought three seconds should have been enough delay, but it
wasn't.

As well as this, the plugin doesn't say which version of Hacker Defender
could be installed.

Thanks for your attention!

David.


Re: Nessus plugin 15517
On Fri, Aug 12, 2005 at 08:51:11AM +0200, David Echarri wrote:

> I think there is a problem in plugin number 15517.

I just committed some changes to that plugin that should avoid the false
positives. The new version should become available via
nessus-update-plugins in an hour or so. Essentially, rather than
reporting if only one character is received, it now tries to complete
the first two (of four) steps used to initially connect to the backdoor
and reports only if those are successful.


George
--
theall@tenablesecurity.com
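
The false positive reported above, reproduced as an added example that is not part of the thread or of the plugin's source: a constructed peer sends the first byte of an HTTP 400 reply at once and the rest later, so a read that stops at a short timeout sees exactly one byte. The delays are scaled down from the three seconds in the report, `slow_server`, `read_for`, `probe` and `one_byte_heuristic` are hypothetical names, and the probe byte is a placeholder.

```python
import socket
import threading
import time

# Constructed sample reply, standing in for the web server's HTTP 400 answer.
HTTP_400 = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\nConnection: close\r\n\r\n"

def slow_server(conn, delay):
    """Answer a probe with one byte at once and the rest after `delay` seconds."""
    try:
        conn.recv(64)
        conn.sendall(HTTP_400[:1])
        time.sleep(delay)
        conn.sendall(HTTP_400[1:])
    except OSError:
        pass  # the client gave up and closed before the reply was complete
    finally:
        conn.close()

def read_for(sock, timeout):
    """Collect data until `timeout` seconds have elapsed or the peer closes."""
    deadline, data = time.monotonic() + timeout, b""
    while (remaining := deadline - time.monotonic()) > 0:
        sock.settimeout(remaining)
        try:
            chunk = sock.recv(4096)
        except socket.timeout:
            break
        if not chunk:
            break
        data += chunk
    return data

def probe(timeout, server_delay):
    """Send a placeholder probe and return what arrives within `timeout`."""
    client, server = socket.socketpair()  # in-process pair, no network needed
    worker = threading.Thread(target=slow_server, args=(server, server_delay))
    worker.start()
    try:
        client.sendall(b"\x00")  # placeholder, not the backdoor's real handshake
        return read_for(client, timeout)
    finally:
        client.close()
        worker.join()

def one_byte_heuristic(data):
    """The check described in the report: flag when exactly one byte was read."""
    return len(data) == 1
```

With these constructed delays, `probe(0.3, 1.0)` returns the single byte that the heuristic flags, while `probe(2.0, 1.0)` returns the whole HTTP 400 reply and is not flagged.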