PaulDotCom mailing list archives
Re: IIS instance detection
From: k41zen Me <k41zen () me com>
Date: Mon, 13 Dec 2010 22:23:20 +0000
Ron, I'm saying that I have creds for both but SMB and admin shares are disabled but I do have WMI available. I thought an Nessus local creditialed scan needed SMB and Admin shares? k41zen On 13 Dec 2010, at 22:00, Ron Gula wrote:
Are you saying you can login with WMI but don't have credentials to do a full Nessus audit? Passively, if you have the ability to deploy something like Tenable's Passive Vulnerability Scanner, it will detect any web server, unique web site, SSL certificates, .etc on any port as long as there is traffic to it. Ron Gula On 12/13/2010 1:54 PM, Jason Jarvis wrote:Ooooo I do have WMIC :) So a bit of remote WMIC code execution and some commandlinekungfu.com Fu - hmmmm. On 13 Dec 2010, at 18:43, Jason Jarvis <k41zen () me com> wrote:I have a client that needs to deploy security patches for Apache but are not 100% sure of which host houses the instance or the ports used either. My question is how can I identify 100% of the instances effectively and reasonably quietly without scanning nearly all of the ports on all the hosts? I thought of pulling the ports enabled from the host based firewall solution and scanning these with nmap. But a port could be blocked through the firewall and an instance still listening locally although not remotely accessible providing the FW is running. These do exist for tools run locally and I've seen the FW fail too so want to ensure coverage for these also. I like the idea of using Nessus (which I have) to perform a credentialed local scan of the ports listening on the server but I think this needs SMB and Admin shares enabled which I don't have. Is there another way to do this? Grateful for any ideas. Regards, K41zen_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- IIS instance detection Jason Jarvis (Dec 13)
- Re: IIS instance detection Jason Jarvis (Dec 13)
- Re: IIS instance detection Ron Gula (Dec 13)
- Re: IIS instance detection k41zen Me (Dec 13)
- Re: IIS instance detection Ron Gula (Dec 14)
- Re: IIS instance detection k41zen Me (Dec 14)
- Re: IIS instance detection Ron Gula (Dec 13)
- Re: IIS instance detection Jason Jarvis (Dec 13)