Questions: nmap, nessus unreliability, setting up a packet capture box, using Impacket

From: Paul Johnston (paul@westpoint.ltd.uk)
Date: Thu Apr 22 2004 - 11:07:18 EDT


Hi,

1) How reliable have people here found nmap and nessus to be? I have
encountered (rare) cases of nmap not finding ports, and also of nessus
not identifying ports during the find_service stage. We hear a lot about
false positives, but it's much harder to notice false negatives.
Anything that can be done about this?

2) I'm looking at setting up a box to capture all traffic on our
scanning network. Does anyone have thoughts on doing this, based on
their operational experiences?

3) Using Core Impact's Impacket library, how can you get it to calculate
UDP or TCP checksums correctly? No matter what I do they won't come out
right. It works fine for ICMP. While I'm on the subject, what do people
use for raw packet libraries? I really like scapy for interactive use,
but it seems a bit heavyweight for use in scripts.

Regards,

Paul

-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul@westpoint.ltd.uk
web: www.westpoint.ltd.uk
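
An added example on question 3, not part of the original post and not Impacket code: UDP and TCP checksums, unlike ICMP's, are computed over an IPv4 pseudo-header (source address, destination address, protocol, layer-4 length) placed before the segment, and this plain-Python sketch shows that calculation and its verification. The function names are hypothetical, and any addresses and ports passed in are the caller's own sample values.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"              # pad odd-length input with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:               # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src: str, dst: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header: src addr, dst addr, zero byte, protocol, L4 length."""
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, proto, length))

def udp_checksum(src: str, dst: str, sport: int, dport: int, payload: bytes) -> int:
    length = 8 + len(payload)        # UDP header is 8 bytes
    header = struct.pack("!HHHH", sport, dport, length, 0)  # checksum field zeroed
    csum = inet_checksum(
        pseudo_header(src, dst, socket.IPPROTO_UDP, length) + header + payload)
    return csum or 0xFFFF            # 0 means "no checksum" in UDP; send 0xFFFF

def tcp_checksum(src: str, dst: str, segment: bytes) -> int:
    """segment = TCP header with its checksum field zeroed, plus payload."""
    return inet_checksum(
        pseudo_header(src, dst, socket.IPPROTO_TCP, len(segment)) + segment)

def icmp_checksum(message: bytes) -> int:
    """ICMP covers only the ICMP message itself: no pseudo-header."""
    return inet_checksum(message)

def verify(src: str, dst: str, proto: int, segment: bytes) -> bool:
    """A received UDP/TCP segment is valid when pseudo-header + segment sums to 0."""
    return inet_checksum(pseudo_header(src, dst, proto, len(segment)) + segment) == 0
```

Comparing the output of `udp_checksum` or `tcp_checksum` with the value a capture tool reports as correct for the same packet is a quick way to check a raw-packet script.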

