Penetration Testing mailing list archives
Re: [PEN-TEST] Database of service output
From: "Randall, Mark (ISSCalifornia)" <MRandall () ISS NET>
Date: Mon, 11 Dec 2000 02:57:16 -0500
I don't know about a database, but Nessus does exactly what you describe. It doesn't report services simply because of a connection to a port that is part of the IANA standards. It actually probes the running services. They call it "Smart service recognition" and have used it as one of the selling points for Nessus for quite some time. http://www.nessus.org/features.html Again, I don't know about an actual database...but nessus is open source, so you can certainly see how they're doing it.
-----Original Message----- From: Dave Cowen [mailto:dcowen () ENSTAR COM] Sent: Thursday, December 07, 2000 11:59 AM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Database of service output Hi, We are working on a project to modify popular scanners to detect services by their service output <if available> rather than trusting their port assignment. Do any of you know of such a database or list that exists today or would be willing to contribute to this project that will be given as an open source resource, first through SARA and then nmap. We believe that this tool will greatly reduce our time if having to check each port after a scan to verify the service listed is the service running. Thanks in advance, Dave Cowen, CISSP Security Services Manager Enstar http://www.enstar.com Tel: 972-929-5267 Fax: 972-915-6969 Email: dcowen () enstar com
Current thread:
- [PEN-TEST] Database of service output Dave Cowen (Dec 10)
- Re: [PEN-TEST] Database of service output Arturo Busleiman (Dec 13)
- <Possible follow-ups>
- Re: [PEN-TEST] Database of service output Randall, Mark (ISSCalifornia) (Dec 13)
- Re: [PEN-TEST] Database of service output Dave Cowen (Dec 13)
- Re: [PEN-TEST] Database of service output Renaud Deraison (Dec 14)