- Posts: 1390
- Thank you received: 0
Insider attack
18 years 3 months ago #17020
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Insider attack
Take a look at N-MAP (its Unix flavour is better but since i have no Unix skills i do use the Windows Port which i have fund to be ok).
N-MAP will give you the opportunity to do several types of port scans, inluding Connect-Scans, Syn-Scans, Fin-Scans, Ack-Scans, XMas-Scans. And also spoofing the source address. Their website is a wonderful resource for this stuff and also to download the application insecure.org/
Also, if you are like me and not too good with Unix, here is a bootable CD which will boot into a flavour of unix which is loaded full of these tools (including N-MAP). BackTrack is whats come about from a few CDs that they are merged into one. One was Auditor and the other was Whax (which was before more time). Here is the page, i would really recommend a download and a scan as its got some great utils, also they can do vulnerability scanning and some web based hacking also (although i find that most of the web based stuff only works on older unpatched OS's since the newer stuff is a lot more secure)
www.remote-exploit.org/index.php/Main_Page
Hope it all helps ya
If you can wangle a course from work then take a look at the Certified Ethical Hacking course, by eccouncil www.eccouncil.org/
Cheers
N-MAP will give you the opportunity to do several types of port scans, inluding Connect-Scans, Syn-Scans, Fin-Scans, Ack-Scans, XMas-Scans. And also spoofing the source address. Their website is a wonderful resource for this stuff and also to download the application insecure.org/
Also, if you are like me and not too good with Unix, here is a bootable CD which will boot into a flavour of unix which is loaded full of these tools (including N-MAP). BackTrack is whats come about from a few CDs that they are merged into one. One was Auditor and the other was Whax (which was before more time). Here is the page, i would really recommend a download and a scan as its got some great utils, also they can do vulnerability scanning and some web based hacking also (although i find that most of the web based stuff only works on older unpatched OS's since the newer stuff is a lot more secure)
www.remote-exploit.org/index.php/Main_Page
Hope it all helps ya
If you can wangle a course from work then take a look at the Certified Ethical Hacking course, by eccouncil www.eccouncil.org/
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
18 years 3 months ago #17021
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Insider attack
Yeah, been trying to post that for nearly a week now
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
18 years 3 months ago #17055
by Rockape
Replied by Rockape on topic Re: Insider attack
Hi,
If you are looking for a way to see if ports etc are open. I'll have a chat with the Bishop. We have found and use a little freeware port scanner. We call it the "evil port scanner" because it is great. You can either direct it at one pc, or an IP range. Once it has done its scans, it will tell you what ports are open on the PC.
Hopefully, this will put you onto the road of finding any vulnerabilities on your machines. Once installed, it is very easy to use, the GUI is simple point and shoot.
Cheers
Rockape
If you are looking for a way to see if ports etc are open. I'll have a chat with the Bishop. We have found and use a little freeware port scanner. We call it the "evil port scanner" because it is great. You can either direct it at one pc, or an IP range. Once it has done its scans, it will tell you what ports are open on the PC.
Hopefully, this will put you onto the road of finding any vulnerabilities on your machines. Once installed, it is very easy to use, the GUI is simple point and shoot.
Cheers
Rockape
18 years 3 months ago #17060
by TheBishop
Replied by TheBishop on topic IP Scanner
The tool in question is SuperScan from Foundstone;
www.foundstone.com/index.htm?subnav=reso...oddesc/superscan.htm
. Another good one is the Angry IP Scanner
www.angryziber.com/ipscan/
. There are numerous other freeware/open source ones out there too
18 years 3 months ago #17061
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Insider attack
Yup, also used both of these, they are listed on the CEH Course. They are very easy to use also which is a bonus.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.129 seconds