Re: Port Scanning.

From: infosecgod@gmail.com
Date: Tue Dec 14 2004 - 15:57:09 EST

Next message: Jim Tuttle: "RE: Port mirroring detection"
Previous message: rzaluski: "RE: Penetration Testing Methodologies"
Maybe in reply to: Faisal Khan: "Port Scanning."
Next in thread: robert@dyadsecurity.com: "Re: Port Scanning."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <200412140446.iBE4kpsP012373@ivolution.ca>

>Port scanning is only part of it. If you are using >manual or automated tools you still need to VERIFY that >the port number associated with the protocol is indeed >what it advertises to be. Nmap for instance blindly >accepts that port 22 is associated with SSH but it this >fact? You should always verify the port protocol to >ensure that this is the case.

This is true – however nmap offers the –sV flag which does a fairly good job of service enumeration

J/

Next message: Jim Tuttle: "RE: Port mirroring detection"
Previous message: rzaluski: "RE: Penetration Testing Methodologies"
Maybe in reply to: Faisal Khan: "Port Scanning."
Next in thread: robert@dyadsecurity.com: "Re: Port Scanning."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:11 EDT