Penetration Testing mailing list archives
Re: [PEN-TEST] NetRecon Assessment Tool
From: "Moonen, Ralph" <Moonen.Ralph () KPMG NL>
Date: Tue, 5 Sep 2000 11:24:24 +0200
I would be very curious if others have had this same experience with the tool when scanning Class C networks versus scanning ten or so boxes at a time.
Although I don't use the tool, I know someone who does, and he reported many trinoo and other trojan ports open. So I checked for him and found they were false positives. As far as I can figure, it is a result of the UDP scanning timeout. When scanning many hosts, apparently some packets get lost in the traffic, making Netrecon think the UDP port is open, when in fact it isn't. UDP scanning can be tricky.... --Ralph ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **********************************************************************
Current thread:
- [PEN-TEST] NetRecon Assessment Tool Jerry Dixon (Sep 02)
- <Possible follow-ups>
- Re: [PEN-TEST] NetRecon Assessment Tool Moonen, Ralph (Sep 05)