From: Marco Ivaldi (raptor@0xdeadbeef.info)
Date: Thu Mar 30 2006 - 06:19:58 EST
On Tue, 28 Mar 2006, Tim Brown wrote:
> I quite like nmap -sO -P0 to identify live hosts:
This won't detect a properly firewalled [1] host:
root@pandora:~# nmap -sO -P0 x.x.x.x
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-03-30 13:12 CEST
All 256 scanned ports on xxx.mediaservice.net (x.x.x.x) are: open|filtered
Nmap finished: 1 IP address (1 host up) scanned in 6.937 seconds
root@pandora:~# telnet x.x.x.x 22
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
Protocol mismatch.
Connection closed by foreign host.
[1] See example fw policy at http://www.0xdeadbeef.info/conf/rc.iptables.1
--
Marco Ivaldi
Antifork Research, Inc. http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707