one way a technically proficient UU can remotely determine the configuration of a target system is through capabilities inherent in hypertext transfer protocol.Users who access certain Web sites actually send configuration information,such as the type of brower being used,to the requesting site.once the system configuration is known , then exploits can be selected