Penetration Testing mailing list archives
Re: [PEN-TEST] A little levity...
From: Ryan Permeh <ryan () EEYE COM>
Date: Fri, 29 Sep 2000 15:34:28 -0700
he must be hitting the crack pipe really hard.
From what i can gather from the lack of real hard info on there, and the
attempts to make everything seem all spooky and new, this is simply a client server scanning package. you load this client up onto your machine(i guess you gotta trust that grc.com isn't owned, or wanting to do malicisous things to you). Then a server hits you with a syn/ack/fin/wakky packet scan. These are his uberelite "nanoprobes". they are probably interpreted by the client side program to do scanning locally. All in all, envision this: a server side scanner (retina, iss, NAI, or even nmap) a client side sniffer(take your pick, iris, tcpdump, whatever) now put a tunnel between them(probably client side inititated to "bypass Nat firewall restrictions") this tunnel will carry information regarding psecific attack scearios that can be executred by the client or the server. Basically, you can use one side to test what's between the two by knowing what should be coming through.(ie: test outgoing firewall rules by sending a barage of packets out to grc, who is waiting for a response, or vice versa). neat idea if it works, and as i said, you trust grc to have deep level access(to run a sniffer or a privledged program) to your system. (PS, i do not know exactly how this works, this is a guess based on reading the page and cutting through the bullshit) Signed, Ryan eEye Digital Security Team http://www.eEye.com ----- Original Message ----- From: "Deus, Attonbitus" <Thor () HAMMEROFGOD COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Friday, September 29, 2000 3:19 PM Subject: Re: A little levity...
This guy is either very, very, funny or in desperate need of some
meds...
It must be the latter, as he is not kidding. Mr. Gibson is obviously
quite
thrilled with himself. AD
Current thread:
- [PEN-TEST] A little levity... Alfred Huger (Sep 29)
- Re: [PEN-TEST] A little levity... Deus, Attonbitus (Sep 29)
- Re: [PEN-TEST] A little levity... Ryan Permeh (Sep 29)
- Re: [PEN-TEST] A little levity... Schlachter, Jake (Sep 29)
- Re: [PEN-TEST] A little levity Revisited Deus, Attonbitus (Sep 29)
- Re: [PEN-TEST] A little levity Revisited Schlachter, Jake (Sep 29)
- Re: [PEN-TEST] A little levity Revisited Sean Knox (Sep 29)
- Re: [PEN-TEST] A little levity Revisited Pierre Vandevenne (Sep 30)
- Re: [PEN-TEST] A little levity Revisited Schlachter, Jake (Sep 29)
- Re: [PEN-TEST] A little levity... Deus, Attonbitus (Sep 29)
- <Possible follow-ups>
- Re: [PEN-TEST] A little levity... Dunker, Noah (Sep 29)