An Introduction To Security
21 years 2 weeks ago #1633
by tfs
Replied by tfs on topic Re: An Introduction To Security
You may be right, but the new version 3.48 was just released - date of 10/6/03 (I believe). This may be a better version. Haven't actually loaded it yet.
I wasn't having any problems with 1.3.1, myself.
Thanks,
Tom
21 years 2 weeks ago #1637
by sahirh
Replied by sahirh on topic Re: An Introduction To Security
Yeah, 3.48 is new.. I recommend you get it because I don't think 3.00 has version scanning, which is really becoming the most kick ass feature. It will tell you exactly what is running on a particular port.. for example IIS/4.0, Apache 1.3.27 etc etc and it does this not by grabbing banners but by maintaining a fingerprint database of known responses! And when you find a service that it doesn't recognise you can submit the fingerprint to the database.
The new version will most likely have the newest submitted fingerprints. I actually submitted a fingerprint the other day for an Ascend Router telnet server.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
21 years 2 weeks ago #1641
by tfs
Replied by tfs on topic Re: An Introduction To Security
I'll have to load it tomorrow or the next day and look at it.
Thanks,
Tom
21 years 2 weeks ago #1667
by sahirh
Replied by sahirh on topic Re: An Introduction To Security
Here's my holiday snapshot of version scanning at work, this is 3.45 running under Windows XP with winpcap 2.3:
[code:1]
C:\WINDOWS>nmap -sS -sV -O -F -v 192.168.6.128
Starting nmap 3.45 ( http://www.insecure.org/nmap ) at 2003-11-06 03:36 India Standard Time
Host 192.168.6.128 appears to be up ... good.
Initiating SYN Stealth Scan against 192.168.6.128 at 03:36
Adding open port 6000/tcp
Adding open port 111/tcp
Adding open port 1024/tcp
The SYN Stealth Scan took 3 seconds to scan 1211 ports.
Initiating service scan against 3 services on 1 host at 03:36
The service scan took 10 seconds to scan 3 services on 1 host.
Initiating RPCGrind Scan against 192.168.6.128 at 03:36
The RPCGrind Scan took 1 second to scan 2 ports.
For OSScan assuming that port 111 is open and port 1 is closed and neither are firewalled
Interesting ports on 192.168.6.128:
(The 1208 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE VERSION
111/tcp  open  rpcbind 2 (rpc #100000)
1024/tcp open  status  1 (rpc #100024)
6000/tcp open  X11     (access denied)
Device type: PDA
Running: Linux 2.4.X
OS details: Linux 2.4.6 as on Sharp Zaurus PDA
Uptime 0.006 days (since Thu Nov 06 03:28:18 2003)
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=2438573 (Good luck!)
IPID Sequence Generation: All zeros
Nmap run completed -- 1 IP address (1 host up) scanned in 29.583 seconds
C:\WINDOWS>
[/code:1]
It identified the vmware linux box as on a PDA, which was weird.. maybe the new fingerprints will help. But how's that for accuracy, the kernel is 2.4.21, and the uptime is perfect! I can't believe people call this just a portscanner!
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
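Added example, not part of the original post: a Python sketch that parses the port table from the scan output above into records and audits the open ports against an approved-services baseline. The function names and the baseline contents are assumptions for illustration; the sample text is the port table from the post with column spacing restored.

```python
import re

# Sample input: the port table from the scan output in the post above.
SAMPLE = """\
Interesting ports on 192.168.6.128:
(The 1208 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE VERSION
111/tcp  open  rpcbind 2 (rpc #100000)
1024/tcp open  status  1 (rpc #100024)
6000/tcp open  X11     (access denied)
"""

HOST_LINE = re.compile(r"^Interesting ports on (?P<host>.+?):\s*$")
# port/proto, state, service, then an optional free-text VERSION column.
PORT_LINE = re.compile(
    r"^(?P<port>\d{1,5})/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+"
    r"(?P<service>\S+)(?:\s+(?P<version>.+?))?\s*$"
)

def parse_ports(text):
    """Return one dict per port row, tagged with the host it belongs to."""
    rows, host = [], None
    for line in text.splitlines():
        m = HOST_LINE.match(line)
        if m:
            host = m.group("host")
            continue
        m = PORT_LINE.match(line)
        if m and host:
            row = m.groupdict()
            row.update(host=host, port=int(row["port"]),
                       version=row["version"] or "")
            rows.append(row)
    return rows

def audit(rows, baseline):
    """Compare open ports with baseline {(port, proto): expected service}."""
    findings = []
    for r in rows:
        expected = baseline.get((r["port"], r["proto"]))
        if r["state"] != "open" or expected == r["service"]:
            continue
        reason = "not in baseline" if expected is None else "service changed"
        findings.append((r["host"], r["port"], reason, r["service"]))
    return findings

# Hypothetical baseline: only the two RPC services are approved on this host.
BASELINE = {(111, "tcp"): "rpcbind", (1024, "tcp"): "status"}

if __name__ == "__main__":
    print(audit(parse_ports(SAMPLE), BASELINE))
```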
21 years 2 weeks ago #1669
by tfs
Replied by tfs on topic Re: An Introduction To Security
But does the GUI work well or look better? You said you didn't like the 1.3.1 GUI.
Thanks,
Tom
20 years 11 months ago #1819
by Maskkkk
Replied by Maskkkk on topic Re: An Introduction To Security
Yeah thanks, but do you guys have some kinda FAQWiki you can post it in? So we can have some giant conglomeration of Network FAQs?
[img]http://home.pct.edu/~leeand00/Hole in the Ozone Layer.gif[/img]
- A Man is not an island...that's why we have forums!