This is a pretty good tool! I learned quite a lot just by scanning the
routers on my network. Do you know of a port scanner that does ipx?
Thanks
Pierre-Alex
-Original Message-
From: Kevin Welch [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 06, 2001 2:58 AM
To: Pierre-Alex; [EMAIL PROTECTED]
Cc: Tony van Ree; ElephantChild
Subject: Port Scanners (Was Re: Simulation: ---Unix!)
NMAP is a pretty powerful tool. For windows port scans I actually prefer a
program called superscan. If your interested in giving it a shot, try the
link below:
http://www.foundstone.com/rdlabs/proddesc/superscan.html
It is not as good as nmap, but if your stuck on a windows box its a pretty
good choice.
-- Kevin
- Original Message -
From: "Pierre-Alex" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Kevin Welch" <[EMAIL PROTECTED]>; "Tony van Ree"
<[EMAIL PROTECTED]>; "ElephantChild" <[EMAIL PROTECTED]>
Sent: Monday, February 05, 2001 7:09 PM
Subject: Simulation: ---Unix!
> Hi All,
>
> I found the answer to my question by doing a search on "port scanner"
>
> Looks like the software is running on Unix, which means I am going to have
> to learn another operating system. :)
>
> Which version of Unix would you recommand? Seems to be hundreds of vendors
> out there!!!
>
> Pierre-Alex
>
> --
--
> --
> NMap Port scanner
>
>
> Details
> A new version of NMap has been released. Nmap is used for security
auditing,
> and the new version improves performance, stability and adds more
features.
> Some of the new features are:
>
> 1) Fast parallel pinging of all the hosts on a network to determine which
> ones are up. You can use the traditional ICMP echo request (ping), TCP ACK
> packet, or TCP SYN packet to probe for responses. By default it uses both
> ACKs & ICMP pings to maximize the chance of sneaking through packet
filters.
> There is also a connect() version for under-privileged users. The syntax
for
> specifying what hosts should be scanned is quite flexible.
>
> 2) Improved port scans can be used to determine what services are running.
> Techniques you can use include the SYN (half-open) scan, FIN, Xmas, or
Null
> stealth scans, connect scan (does not require root), FTP bounce attack,
and
> UDP scan. Options exist for common filter-bypassing techniques such as
> packet fragmentation and the ability to set the source port number (to 20
or
> 53, for example). It can also query a remote identd for the usernames the
> server is running under. You can select any (or all) port number(s) to
scan,
> since you may want to just sweep the networks you run for 1 or 2 services
> recently found to be vulnerable.
>
> 3) Remote OS detection via TCP/IP fingerprinting allows you to determine
> what operating system release each host is running. This functionality is
> similar to the awesome queso program, although nmap implements many new
> techniques. In many cases, nmap can narrow down the OS to the kernel
number
> or release version. A database of ~100 fingerprints for common operating
> system versions is included, thanks to a couple dozen beta testers who
> worked on the last 19 private beta releases.
>
> 4) TCP ISN sequence predictability lets you know what sequence prediction
> class (64K, time dependent, "true random", constant, etc.) the host falls
> into. A difficulty index is provided to tell you roughly how vulnerable
the
> machine is to sequence prediction.
>
> 5) Decoy scans can be used. The idea is that for every packet sent by nmap
> from your address, a similar packet is sent from each of the decoy hosts
you
> specify. This is useful due to the rising popularity of stealth port
> scanning detection software. If such software is used, it will generally
> report a dozen (or however many you choose) port scans from different
> addresses at the same time. It is very difficult to determine which
address
> is doing the scanning, and which are simply innocent decoys.
>
>
> Links
> You can download NMap 2.12 at:
> http://www.insecure.org/nmap/dist/nmap-2.12.tgz NMap's home page is at:
> http://www.insecure.org/nmap/.
>
>
>
>
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
