|Title:||Response Time / No 404 Error Code Check|
|Summary:||This VT tests if the remote web server does not reply with a 404; error code and checks if it is replying to the scanners requests in a reasonable amount of time.|
This VT tests if the remote web server does not reply with a 404
error code and checks if it is replying to the scanners requests in a reasonable amount of time.
This web server might show the following issues:
- it is [mis]configured in that it does not return '404 Not Found' error codes when a non-existent
file is requested, perhaps returning a site map, search page, authentication page or redirect instead.
The Scanner might enabled some counter measures for that, however they might be insufficient. If a
great number of security issues are reported for this port, they might not all be accurate.
- it doesn't response in a reasonable amount of time to various HTTP requests sent by this VT.
In order to keep the scan total time to a reasonable amount, the remote web server might not be
tested. If the remote server should be tested it has to be fixed to have it reply to the scanners
requests in a reasonable amount of time.
Alternatively the 'Maximum response time (in seconds)' preference could be raised to a higher
value if longer scan times are accepted.
|Copyright||Copyright (C) 2006 RD / H D Moore|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.