RE: Nikto open ports

From: Shenk, Jerry A (jshenk@decommunications.com)
Date: Tue Nov 07 2006 - 17:34:40 EST


That would be a pretty easy thing to test. Put a sniffer between your
testing machine and the tested machine and capture all the data going
through. It should be very easy to see if sessions are being closed by
the client (testing machine) or not.

I know that I've never experienced the problem you're seeing, but
perhaps I just didn't notice it.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of noa@imperva.com
Sent: Tuesday, November 07, 2006 6:14 AM
To: pen-test@securityfocus.com
Subject: Nikto open ports

Hi,

I used nikto to test a specific open port on a server. I ran the exact
same test multiple consecutive times, starting the next test immediately
after the current one ended.
I saw that after a few tests, nikto replied that there was no HTTP port
on that server...
A closer look revealed that the previous nikto test left the ports open
so I'm guessing that the server stops responding because of too many
open ports.
Has anyone encountered this behavior? Do you know whether nikto does not
in fact properly close all connections?

Thank you,
Noa

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------








This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:18 EDT
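
The check suggested in the reply above, sketched as an added example that is not part of the original thread: given packet summaries from a capture taken between the testing machine and the tested machine, classify each TCP connection by which side sent FIN or RST. The addresses, ports and tuple format are constructed for illustration.

```python
# Constructed sample: (src, dst, TCP flags) as a sniffer would summarize them.
# 10.0.0.5 is the assumed testing machine, 10.0.0.9:80 the assumed tested server.
PACKETS = [
    ("10.0.0.5:40001", "10.0.0.9:80", "S"),
    ("10.0.0.9:80", "10.0.0.5:40001", "SA"),
    ("10.0.0.5:40001", "10.0.0.9:80", "A"),
    ("10.0.0.5:40001", "10.0.0.9:80", "FA"),
    ("10.0.0.9:80", "10.0.0.5:40001", "FA"),
    ("10.0.0.5:40001", "10.0.0.9:80", "A"),
    # Second connection: the server sends FIN, the client never does.
    ("10.0.0.5:40002", "10.0.0.9:80", "S"),
    ("10.0.0.9:80", "10.0.0.5:40002", "SA"),
    ("10.0.0.5:40002", "10.0.0.9:80", "A"),
    ("10.0.0.9:80", "10.0.0.5:40002", "FA"),
    ("10.0.0.5:40002", "10.0.0.9:80", "A"),
    # Third connection: handshake only, no FIN or RST from either side.
    ("10.0.0.5:40003", "10.0.0.9:80", "S"),
    ("10.0.0.9:80", "10.0.0.5:40003", "SA"),
    ("10.0.0.5:40003", "10.0.0.9:80", "A"),
]

def classify(packets):
    """Map each client endpoint to how the capture shows its connection ending."""
    conns = {}  # (client, server) -> teardown state seen so far
    for src, dst, flags in packets:
        if "S" in flags and "A" not in flags:  # bare SYN: src is the client
            conns[(src, dst)] = {"fin": set(), "first": None, "rst": False}
            continue
        key, side = ((src, dst), "client") if (src, dst) in conns else ((dst, src), "server")
        state = conns.get(key)  # None if the connection predates the capture
        if state is not None and ("F" in flags or "R" in flags):
            state["first"] = state["first"] or side
            state["fin"].add(side)
            state["rst"] |= "R" in flags
    result = {}
    for (client, _), st in conns.items():
        if st["rst"] or st["fin"] == {"client", "server"}:
            result[client] = "closed, %s first" % st["first"]
        elif st["fin"]:
            result[client] = "half-closed, only %s sent FIN" % st["first"]
        else:
            result[client] = "left open"
    return result
```

Connections reported as "left open" or half-closed with only the server sending FIN are the ones the testing machine never closed.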