Banner Grabbing Exercise

This exercise complements material in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.

This lab shows you one method of grabbing a banner from a server and learn information from it.

Requirements: This exercise assumes you’re running a Windows system and know how to access the command line. If it isn’t enabled, you’ll need to enable Telnet on the system. You can do this on Windows  7 systems via Control Panel -> Programs and Features -> Turn Windows features on or off.

1. Open a command prompt.

2. Type in telnet 80 and press Enter. The system will attempt to connect to the server using the HTTP port of 80.

3. Type in 80 and press Enter. The system will retrieve the HTML banner and includes information such as the following:
<title>501 Method Not Implemented</title>
<h1>Method Not Implemented</h1>
<p>GET to /index.html not supported.<br /></p>
<p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<address>Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/ Server at Port 80</address>
Connection to host lost.

3. The HTML code is returning several errors which can be ignored. The real information is at the end. You can see the following information:

  • Apache/2.2.25 (Unix) – This is an Apache web server version 2.25 running on a Unix system.
  • mod_ssl/2.2.25 – This is an Apache module that provides SSL and TLS support.
  • OpenSSL/1.0.0-fips – This is an open source implementation of SSL and TLS protocols using Federal Information Processing Standard (fips)
  • mod_auth_passthrough/2.1 – An Apache module that supports other programs to use their own authentication methods.
  • mod_bwlimited/1.4 – this identifies a CPanel modules used for monitoring bandwidth.
  • FrontPage/ – It has a FrontPage extension enabled.
  • Server at Port 80 – This shows the IP and port number.

Back to Security+ labs

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.