Re: server port hardening assessment

From: Chris Halverson (darus.integration@gmail.com)
Date: Fri Jul 27 2007 - 11:15:58 EDT

• Next message: Carl Livitt: "Re: Brute-forcing cached Windows login password hashes"
• Previous message: p1g: "SAS 70"
• In reply to: tima: "RE: server port hardening assessment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

What is the outcome you are wanting to achieve with this?
Is this for auditing purposes that you have to document what ports are
open and what application is using it?
Or are you wanting a create a baseline of what should be open on a
specific host and document what ports you are wanting to close?
Are you considering firewalls in the scanning practice?

> -----Original Message-----
> From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
> Behalf Of jimmy wong
> Sent: Thursday, July 26, 2007 11:48 AM
> To: pen-test@securityfocus.com
> Subject: server port hardening assessment
>
> Hi All,
>
> Can anyone advise or experienced any good tools to
> perform and audit the port open for server in
> diferent
> platform.
>
> And,what is the best approach to identify the open
> port ? Currently I'm using a freeware to scanning
> but
> just worry if there is false postive from it
> outcome.Should we engaged at least 2 different tools
> for confirmation ?
>
> Pls advise.
>
> regards,
> Jim
>
>
> >
> >
> >
> >
> >
> ____________________________________________________________________________
> ________
> > Need a vacation? Get great deals
> > to amazing places on Yahoo! Travel.
> > http://travel.yahoo.com/
> >
>
>
>
>
> ____________________________________________________________________________
> ________
> Looking for a deal? Find great prices on flights and hotels with Yahoo!
> FareChase.
> http://farechase.yahoo.com/
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: Carl Livitt: "Re: Brute-forcing cached Windows login password hashes"
• Previous message: p1g: "SAS 70"
• In reply to: tima: "RE: server port hardening assessment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:58 EDT