Re: Pen test, tcp/1404 found - advice needed

From: Andre Ludwig (andre.ludwig@gmail.com)
Date: Fri Sep 16 2005 - 13:26:31 EDT

• Next message: Jeroen: "Re: MS SQL Server"
• Previous message: Jorge Alfredo Garcia: "hopfake question."
• In reply to: Nicolas RUFF: "Re: Pen test, tcp/1404 found - advice needed"
• Next in thread: Craig Wright: "FW: Pen test, tcp/1404 found - advice needed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

All,

I am an idiot, mesa madea miztake!

Seems that it was port 1494 (citrix) that seKurity wizard was
confounded by. NOT 1404 like i had gone on about.

Mr seKurity Wizard next time try searching for the port number on the
following list of known services and ports.

http://www.iana.org/assignments/port-numbers

If it isn't on there then my suggestion still remains a viable option.

Dr3

If you are looking for that l33t "0-day of reckoning" spell i spoke of
i cant not share such elite magic with you, or my wizard would surely
turn me into some hideous creature.

On 9/16/05, Nicolas RUFF <nicolas.ruff@gmail.com> wrote:
> > Found tcp/1494 open to a server during a pen test, black-box
> > style. Are there any interesting tools that may be available to extract
> > information from the server on the receiving end?
>
> Hello,
>
> Is it TCP/1404 or TCP/1494 ?
>
> TCP/1494 is the well-known Citrix ICA port, I suggest you download a
> free client to begin with :
> http://www.citrix.com/site/SS/downloads/downloads.asp?dID=2755
>
> Regards,
> - Nicolas RUFF
> Security researcher @ EADS-CCR
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Jeroen: "Re: MS SQL Server"
• Previous message: Jorge Alfredo Garcia: "hopfake question."
• In reply to: Nicolas RUFF: "Re: Pen test, tcp/1404 found - advice needed"
• Next in thread: Craig Wright: "FW: Pen test, tcp/1404 found - advice needed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:55 EDT