💾 Archived View for rawtext.club › ~sloum › geminilist › 006816.gmi captured on 2024-03-21 at 16:15:15. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

<-- back to the mailing list

Detection of Gemini server software

Anna “CyberTailor” cyber at sysrq.in

Tue Jun 29 09:12:32 BST 2021

- - - - - - - - - - - - - - - - - - - 

The specification leaves error messages in response field "meta" toservers' developers. So in response to malfored request servers maysend "59 invalid request", "59 Error parsing URL!", "59 Invalid URL"or something else.

Is it a security issue or just "creepy"?

Potential attackers can't detect vulnerable software versions usingthis method, only its name. Also there aren't any known security flawsexcept that naughty ".."

Bonus: nmap can be learned to detect gemini servers:https://nmap.org/book/vscan-community.html

If you are interested, post your server's fingerprint here:https://nmap.org/cgi-bin/submit.cgi?new-service