Re: Port Scanning Issues

From: Mister Dookie (misterdookie@gmail.com)
Date: Wed Jul 18 2007 - 17:48:28 EDT


Does port scanning and discovery with Windows XP SP2 work more
naturally from within Cygwin or a *nix OS running within VMWare, or
is it better to just perform these tasks with NMAP from within native
*nix?

On 6/26/07, Lee Lawson <leejlawson@gmail.com> wrote:
> Port scanning is not an exact science, although it should be.
>
> With regard to UDP scanning, a port is determined as open if it does
> not respond to probe attempts. This means that if it responds with an
> ICMP port unreachable message, it's closed; if no response is
> received, it is thought to be open.
>
> There are a number of reasons that cause a lack of response to a UDP
> scan, such as network issues, firewalls, luck! I find that UDP
> scanning, especially over the Internet, is likely to cause conflicting
> results.
>
> What do you get for TCP results?
> Are you scanning on the LAN or over the Internet?
> Have you tried nmap?
>
> Something worth trying as an exercise is to identify all of the open
> ports on the local, target system (if you have access to it!). You
> can use a number of tools to do this, but I like fport. It's a small
> command line tool that lists the PID, port, protocol and parent
> process. Run this tool and then compare the locally gathered results
> to the port scanners'.
>
>
> On 25 Jun 2007 21:59:58 -0000, crumdub12@gmail.com <crumdub12@gmail.com> wrote:
> > A Chairde,
> >
> >
> > Having some issues with scanning stacks on my system.
> >
> >
> > 1. Using Superscan4, I scan stack UDP-TCP 1-65534. Sometimes I get no ports open, another time I get 49159 UDP Ports open, only get port report, no attempt made to open any ports ..., when get open ports, I always get 49159 UDP Ports ......, use the scanner at 250msecs, takes around 16 hours to finish.
> >
> >
> > 2. Using Languard, Nessus and Retina, get different scans from each tool, any ideas why, how do I find out real ports open.. differences can be 10,000 ports
>
>
> --
> Lee J Lawson
> leejlawson@gmail.com
>
> "Give a man a fire, and he'll be warm for a day; set a man on fire,
> and he'll be warm for the rest of his life."
>
> "Quidquid latine dictum sit, altum sonatur."
>
>
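
The exercise suggested in the quoted reply (compare the target's own listener list with what the scanner reports), as an added example that is not part of the original thread. The listener layout, the sample data and all function names are assumptions made for illustration; the sample is constructed and is not real fport or scanner output.

```python
# Local listeners (pid, port, proto, process), the fields the thread says
# fport reports. Constructed sample; the layout is an assumption, not
# fport's real output format.
LOCAL_LISTENERS = """\
1032 123 UDP svchost.exe
1032 1900 UDP svchost.exe
680 500 UDP lsass.exe
"""

# Constructed scan observations per probed UDP port:
# "unreachable" = ICMP port unreachable came back, "silent" = no reply.
SCAN_OBSERVATIONS = {
    53: "silent", 123: "silent", 161: "unreachable",
    500: "unreachable", 1900: "silent", 49159: "silent",
}

def parse_listeners(text, proto="UDP"):
    """Return {port: process} for local listeners of one protocol."""
    listeners = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        _pid, port, line_proto, process = fields
        if line_proto.upper() == proto:
            listeners[int(port)] = process
    return listeners

def scanner_verdict(observation):
    """The rule from the thread: ICMP unreachable is closed, silence is open."""
    return "closed" if observation == "unreachable" else "open"

def reconcile(observations, listeners):
    """Compare each scanner verdict with what is actually listening."""
    report = {}
    for port, obs in sorted(observations.items()):
        verdict, listening = scanner_verdict(obs), port in listeners
        if verdict == "open":
            report[port] = "confirmed open" if listening else "false open"
        else:
            report[port] = "false closed" if listening else "confirmed closed"
    return report

if __name__ == "__main__":
    for port, label in reconcile(SCAN_OBSERVATIONS,
                                 parse_listeners(LOCAL_LISTENERS)).items():
        print(f"udp/{port}: {label}")
```

A "false open" entry is a port the scanner called open only because nothing came back, while no local process is bound to it; a "false closed" entry points at filtering between scanner and target.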
