Penetration Testing mailing list archives
Re: Difficulties in Network Mapping & port scanning
From: Petr.Kazil () eap nl
Date: Fri, 13 Jan 2006 21:06:47 +0100
Inspiring description by Pete! I will look more into Unicornscan. Pete Herzog <lists () isecom org> wrote on 04-01-2006 15:06:00:
It's basically: construct packet, record construct, send packets, and record response. Modify and retry. Correlate.
However, I sympathize with the original poster (David). Over the years firewalls have gotten better and most of the techniques that used to work (TTL-tweaking etc.) don't seem to work anymore. Running a sniffer along with the scan is good practice, but usually doesn't produce much of value.

What works surprisingly well is scanning the IP-range in Google. I've written a simple script that will query Google for addresses in a range from (let's say) 10.0.0.1 to 10.0.0.255. This usually yields the addresses of outgoing proxies that would be invisible in a normal scan. Most often it's not possible to do anything useful with this information, but most clients are amused: "You discovered all our systems and even some that don't exist anymore!" :-)
Current thread:
- Difficulties in Network Mapping & port scanning David Ball (Jan 03)
- Re: Difficulties in Network Mapping & port scanning Pete Herzog (Jan 04)
- Re: Difficulties in Network Mapping & port scanning Petr Kazil (Jan 15)
- Re: Difficulties in Network Mapping & port scanning Don Parker (Jan 05)
- Re: Difficulties in Network Mapping & port scanning David Ball (Jan 07)
- Re: Difficulties in Network Mapping & port scanning david lodge (Jan 11)
- Re: Difficulties in Network Mapping & port scanning David Ball (Jan 07)
- Re: Difficulties in Network Mapping & port scanning Pete Herzog (Jan 04)