Nmap Announce mailing list archives
Re: nmap in What's Cool on Security Search Engine
From: Fyodor <fyodor () dhp com>
Date: Sat, 17 Apr 1999 03:50:34 -0700 (MST)
on Thu, 15 Apr 1999 Simon Johnson wrote:
In case you don't know, Security Search is an IT security search engine and portal web site. It is free to use, and is intended to become the No.1 web site for finding information about IT security.
You should also know that this is run by the folks at Shake Communications ( http://www.shake.net ) who are best known for trying to sell Bugtraq archives for $10,000 a year (check out their page -- they are still doing this). I have contacted them to verify that they don't actually research and report new vulnerabilities. Shake confirmed that they simply repackage and sell other people's work. They have also been accused of many other disreputable activities including plagiarizing L0phtcrack documentation ( http://www.landfield.com/isn/mail-archive/1998/Apr/0155.html ), and spreading FUD by claiming serious, unpatched holes in Firewall-1 then refusing to substantiate the claims unless people pay $4000 ( http://x2.dejanews.com/[ST_rn=ps]/getdoc.xp?AN=360766960.1&CONTEXT=924297046.701825072&hitnum=1 ). Oh and since they are a security company you would expect them to be solid as a fortress right? Hehehehe, let us count the holes: amy#./nmap -p 1- -sS -O www.shake.net Starting nmap V. 2.2-BETA1 by Fyodor (fyodor () dhp com, www.insecure.org/nmap/) Interesting ports on shake.net (209.75.91.125): Port State Protocol Service 21 open tcp ftp 23 open tcp telnet 25 open tcp smtp 53 open tcp domain 80 open tcp http 110 open tcp pop-3 111 open tcp sunrpc 443 open tcp https 1743 open tcp unknown 2049 open tcp nfs 2400 open tcp unknown 4045 open tcp lockd 6000 open tcp X11 6112 open tcp dtspc 7070 open tcp unknown 7071 open tcp unknown 32771 open tcp unknown 32772 open tcp unknown 32773 open tcp unknown 32801 open tcp unknown 32804 open tcp unknown 32805 open tcp unknown TCP Sequence Prediction: Class=random positive increments Difficulty=258331 (Good luck!) Remote operating system guess: Solaris 2.6 - 2.7 amy~>showmount -e www.shake.net Export list for www.shake.net: /usr/local/www/conf web02.interspeed.net /usr/local/www/htdocs/hansonweb web02.interspeed.net amy~>rpcinfo -p www.shake.net program vers proto port 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100232 10 udp 32773 sadmind 100235 1 tcp 32771 cachefsd 100068 2 udp 32774 cmsd 100068 3 udp 32774 cmsd 100068 4 udp 32774 cmsd 100068 5 udp 32774 cmsd 100083 1 tcp 32772 rpc.ttdbserverd 100024 1 udp 32778 status 100024 1 tcp 32773 status 100021 1 udp 4045 nlockmgr 100021 2 udp 4045 nlockmgr 100021 3 udp 4045 nlockmgr 100021 4 udp 4045 nlockmgr 100021 1 tcp 4045 nlockmgr 100021 2 tcp 4045 nlockmgr 100021 3 tcp 4045 nlockmgr 100021 4 tcp 4045 nlockmgr 100005 1 udp 32997 mountd 100005 2 udp 32997 mountd 100005 3 udp 32997 mountd 100005 1 tcp 32801 mountd 100005 2 tcp 32801 mountd 100005 3 tcp 32801 mountd 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100227 2 udp 2049 nfs_acl 100227 3 udp 2049 nfs_acl 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100227 2 tcp 2049 nfs_acl 100227 3 tcp 2049 nfs_acl 300598 1 udp 33012 dmispd 300598 1 tcp 32805 dmispd 805306368 1 udp 33012 dmispd 805306368 1 tcp 32805 dmispd 100249 1 udp 33013 snmpXdmid 100249 1 tcp 32806 snmpXdmid Even Carolyn Meinel could root this box in a few minutes! Note that I do *NOT* advocate breaking in. I just think a look at their security posture says a lot about whether we should pay them $10,000 a year for their security services. Cheers, Fyodor -- Fyodor 'finger pgp () insecure org | pgp -fka' In a free and open marketplace, it would be surprising to have such an obviously flawed standard generate much enthusiasm outside of the criminal community. --Mitch Stone on Microsoft ActiveX
Current thread:
- Re: nmap in What's Cool on Security Search Engine Fyodor (Apr 17)