Security Basics mailing list archives
RE: nmap root vs user question
From: "Rob" <synja () synfulvisions com>
Date: Mon, 7 Oct 2013 10:39:53 -0400
Is anybody else somewhat worried about this person doing penetration testing and PCI compliance auditing? No offense dude, but this is not something that can be learned from a security basics mailing list. I do want to help, and I do want you to learn, but not at the expense of a client's security.
*From:* ToddAndMargo *Subject:* bandwidth question Hi All, A customer has asked me to do some human penetration testing for PCI compliance. I am planning on doing a bunch of probing with nmap to look for openings. I plan to log into the customer's network with Open VPN over my DSL line. (And Metasploit when I figure out how to use it too.) Question: what kind of bandwidth do I need? I have ~3 Mbps download and ~.7 Mbps upload? Am I going to swamp my DSL modem? Or is there enough wait time between probes that that is not an issue? Many thanks, -T
Yeah.... This is going to end up with an entry in datalossdb.org Rob -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of ToddAndMargo Sent: Friday, October 04, 2013 5:29 PM To: security-basics () securityfocus com Subject: nmap root vs user question Hi All, "#" is my "root" prompt and "$" is my user prompt. Question: why does namp sometimes work as root and not as a user? Why no warning that a command has to be run as root? This works as root: # nmap -p T:5020,5900 192.168.202.210 Starting Nmap 6.40 ( http://nmap.org ) at 2013-10-04 14:25 PDT Nmap scan report for 192.168.202.210 Host is up (0.00063s latency). PORT STATE SERVICE 5020/tcp filtered zenginkyo-1 5900/tcp filtered vnc Same command does not work as a user: $ nmap -p T:5020,5900 192.168.202.210 Starting Nmap 6.40 ( http://nmap.org ) at 2013-10-04 14:25 PDT Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Many thanks, -T -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Computers are like air conditioners. They malfunction when you open windows ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- nmap root vs user question ToddAndMargo (Oct 07)
- Re: nmap root vs user question Jason Hellenthal (Oct 07)
- Re: nmap root vs user question Robert Larsen (Oct 07)
- RE: nmap root vs user question Jeff Fears (Oct 07)
- RE: nmap root vs user question Rob (Oct 07)
- <Possible follow-ups>
- Re: nmap root vs user question ToddAndMargo (Oct 14)
- Re: nmap root vs user question ToddAndMargo (Oct 15)
- Message not available
- Re: nmap root vs user question ToddAndMargo (Oct 16)
- 3G & 4G security Fabio Alceu Fernandes (Oct 17)
- Message not available
- Re: nmap root vs user question ToddAndMargo (Oct 15)
- Re: nmap root vs user question ToddAndMargo (Oct 28)