PaulDotCom mailing list archives
Re: IIS instance detection
From: "5.K1dd" <5.k1dd () austinhackers org>
Date: Mon, 13 Dec 2010 17:07:14 -0600
Perimiter firewall rules will tell you hosts & ports for external facing website. The internal DNS server will give you hosts running internal facing websites.
I have a client that needs to deploy security patches for Apache but are not 100% sure of which host houses the instance or the ports used either. My question is how can I identify 100% of the instances effectively and reasonably quietly without scanning nearly all of the ports on all the hosts? I thought of pulling the ports enabled from the host based firewall solution and scanning these with nmap. But a port could be blocked through the firewall and an instance still listening locally although not remotely accessible providing the FW is running. These do exist for tools run locally and I've seen the FW fail too so want to ensure coverage for these also. I like the idea of using Nessus (which I have) to perform a credentialed local scan of the ports listening on the server but I think this needs SMB and Admin shares enabled which I don't have. Is there another way to do this? Grateful for any ideas. Regards, K41zen _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- IIS instance detection Jason Jarvis (Dec 13)
- Re: IIS instance detection Jason Jarvis (Dec 13)
- Re: IIS instance detection Ron Gula (Dec 13)
- Re: IIS instance detection k41zen Me (Dec 13)
- Re: IIS instance detection Ron Gula (Dec 14)
- Re: IIS instance detection k41zen Me (Dec 14)
- Re: IIS instance detection Ron Gula (Dec 13)
- Re: IIS instance detection Jason Jarvis (Dec 13)