Nmap Announce mailing list archives
Nmap book; Silly Microsoft; Top Security Sites
From: Fyodor <fyodor () insecure org>
Date: Thu, 18 Dec 2003 16:50:20 -0800
Hi All, My request for comments on an Nmap book drew a very impressive response! More than 500 of you wrote me with an opinion on which way to go. You certainly have very diverse ideas, and I am greatly encouraged that there is so much interest! So I have hunkered down and began writing. Incidentally, that is why you haven't heard from me in so long. Here is the overview I decided on: OVERVIEW: Documents the free Nmap Security Scanner, from port scanning basics for novices to the types of packet crafting used by advanced hackers. Covers network scans for identifying hosts on a network, including techniques that are unavailable with other tools. Provides hints for optimizing scanning speed, analyzing or circumventing firewalls, avoiding intrusion detection systems, and more. Explains strategies for detecting and defending networks against unwanted Nmap probes. Describes finding the operating system and service versions running on target computers. Examples and diagrams show actual communication on the wire. Recipes detail common tasks such as listing which hosts provide a given network service and searching for outdated or insecure software versions. Demonstrates how to automate Nmap for discovering missing or unexpected hosts and services, including crashed hosts and many virus infections. This book is essential for anyone who needs to get the most out of Nmap, particularly security auditors and systems or network administrators. Includes details for installing Nmap under Linux, Unix, Windows, Mac OS X, and even handheld devices. It may take me at least another six months to finish, because I don't want to cut any corners in creating the most useful and comprehensive Nmap book I can. There are a few chapters that I plan to post early, and I will send a note here or post on Insecure.Org when they are ready. In other news, I recently gave an interview for the popular security portal and defacement archive Zone-H: http://www.zone-h.org/en/interviews I also have some more Nmap survey results for you! The tools site ( http://www.insecure.org/tools.html ) generated from that survey has been extraordinarily popular, and the feature voting was helpful in prioritizing development. Note that two of your top 5 requests (results at http://seclists.org/lists/nmap-hackers/2003/Apr-Jun/0011.html ) have been completed (version and service fingerprinting), and another one of the top 5 (make Nmap faster) is my next major priority. The 2,000 of you who took the survey may also remember the new query for your favorite web sites. I have been rather slow at analyzing those, but I couldn't permit 2003 to pass without doing so. I hope to use these results to (finally) update some of my link pages, but for now here are your results: NOTES: o I canonicalized the URLs because many sites have several names (e.g. teso.scene.at and team-teso.net ). packetstormsecurity.nl is the leader in having a huge number of unique URLs pointing to it :). I removed www. from the front of addresses - in a few cases you may need to add it back, although most sites work without it. I also removed Insecure.Org . o I removed paths in the URL to only count the site name. This only really mattered for a couple general-purpose sites that happened to have a popular security section, such as microsoft.com. Speaking of which, I am getting an interesting error right now on http://www.microsoft.com/security/ . I like the little JSP source code view box and the path disclosure of d:\http\library\toolbar\3.0\asp.aspx . The explicit version numbers ("Microsoft .NET Framework Version:1.1.4322.942; ASP.NET Version:1.1.4322.936") could prove handy as well. A handy stack trace too! Hmm ... the problem seems to be fixed but here is an excerpt of the goodies (& a link to the whole page): http://www.insecure.org/tmp/ms-security-errorpage-excerpt.txt . Oops .. now back on topic. Here are all 153 your favorite sites that received at least 2 votes, in decreasing vote count order. There are some good sites to explore here, particularly some of the more specialized ones in the <= 10 vote range: 276 securityfocus.com 159 packetstormsecurity.nl 92 sans.org 86 cert.org 46 securiteam.com 38 linuxsecurity.com 37 phrack.org 30 neworder.box.sk 29 slashdot.org 24 google.com 18 securitynewsportal.com 17 infosyssec.com 15 snort.org 15 honeynet.org 15 dshield.org 15 astalavista.com 13 whitehats.com 13 incidents.org 12 microsoft.com 12 iss.net 11 cisecurity.org 10 networkintrusion.co.uk 10 isc.incidents.org 10 grc.com 10 foundstone.com 10 cve.mitre.org 10 atstake.com 10 astalavista.box.sk 9 security-forums.com 9 packetstorm.org 9 net-security.org 9 nessus.org 9 hack.co.za 9 deadly.org 9 attrition.org 8 samspade.org 7 zone-h.org 7 secureroot.com 7 packetfactory.net 7 openbsd.org 7 counterpane.com 7 2600.com 6 theregister.co.uk 6 thc.org 6 team-teso.net 6 symantec.com 6 securitytracker.com 6 phoneboy.com 6 ntbugtraq.com 6 netsys.com 6 neohapsis.com 6 heise.de 6 antionline.com 5 tlsecurity.net 5 sourceforge.net 5 icat.nist.gov 5 hackingexposed.com 5 eeye.com 5 cotse.com 5 ccc.de 5 archives.neohapsis.com 4 wiretrip.net 4 vulnwatch.org 4 thehackerschoice.com 4 security.nl 4 nsa.gov 4 nipc.gov 4 infosecuritymag.com 4 immunitysec.com 4 freshmeat.net 4 csrc.nist.gov 4 cert.uni-stuttgart.de 4 astalavista.net 3 windowssecurity.com 3 w00w00.org 3 uksecurityonline.com 3 symlink.ch 3 sun.com 3 spitzner.net 3 seifried.org 3 securityresponse.symantec.com 3 securite.org 3 razor.bindview.com 3 owasp.org 3 network-tools.com 3 netfilter.org 3 megasecurity.org 3 marc.theaimsgroup.com 3 isc2.org 3 iana.org 3 hammerofgod.com 3 debian.org 3 cyberarmy.com 3 blackhat.com 3 blackcode.com 2 zonelabs.com 2 xfocus.org 2 xakep.ru 2 wiretapped.net 2 webmin.com 2 webattack.com 2 ussrback.com 2 treachery.net 2 techrepublic.com 2 sysinternals.com 2 st.ryukoku.ac.jp 2 sqlsecurity.com 2 sleuthkit.org 2 security.ziffdavis.com 2 securityspace.com 2 securityportal.com 2 security.nnov.ru 2 securitybugware.com 2 rootshell.com 2 rootsecure.net 2 redhat.com 2 portsdb.org 2 porcupine.org 2 pivx.com 2 phenoelit.de 2 packetattack.com 2 osvdb.org 2 ossr.net 2 osnews.com 2 openssh.org 2 nmrc.org 2 newsnow.co.uk 2 news.netcraft.com 2 news.ists.dartmouth.edu 2 netric.org 2 mitre.org 2 kill-hup.com 2 isecom.org 2 internetpulse.net 2 hsc.fr 2 hispasec.com 2 hackerthreads.org 2 hackers.inside.net 2 gnupg.org 2 freebsd.org 2 extremetech.com 2 dnsstuff.com 2 digital-root.com 2 cymru.com 2 cultdeadcow.com 2 corsaire.com 2 ciac.org 2 cerias.purdue.edu 2 bugtraq.com 2 blacksun.box.sk 2 bastille-linux.org 2 apocalypseonline.com 2 abuse.net Cheers, Fyodor -------------------------------------------------- For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List archive: http://seclists.org
Current thread:
- Nmap book; Silly Microsoft; Top Security Sites Fyodor (Dec 18)