Penetration Testing mailing list archives
Re: [PEN-TEST] NetBIOS Auditing Tool
From: Richard Johnson <rdump () RIVER COM>
Date: Tue, 10 Oct 2000 15:28:14 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 11:27 -0600 on 10/09/2000, Jacob A. Ansari wrote:
Hi, I've found a Unix implementation of NetBIOS Auditing Tool called nbaudit (don't know if this is a port of NAT from win32 or the other way around). Normally it's very useful, but has a nasty habit of dumping core in the middle of execution. Has anyone else encountered this? Thanks very much. Jacob
Yes, it often dumps core while trying password brute force guessing. I haven't been sufficiently motivated to try and determine the cause, as I don't use it for password guessing (^C is my friend if it gets that far). I usually just run it on neighboring systems that port scan my net for NetBIOS listeners, as nbaudit/nat provides a quick and simple check for unpassworded open shares. A WinDOS PC scanning for NetBIOS listeners together with that PC offering an unpassworded C: drive share is a very practical indication of infestation by one of the many open share worms. Rich -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 iQA/AwUBOeOJ3GKSuJuuNAZUEQK+NwCeOVJiao7ZikXfawa5MoD6RFA2ZCwAoPpJ 5zBSICZT9/9wCNBaKDlKe+WP =/GL8 -----END PGP SIGNATURE-----
Current thread:
- [PEN-TEST] NetBIOS Auditing Tool Jacob A. Ansari (Oct 10)
- Re: [PEN-TEST] NetBIOS Auditing Tool Erik Tayler (Oct 10)
- Re: [PEN-TEST] NetBIOS Auditing Tool Richard Johnson (Oct 10)
- <Possible follow-ups>
- Re: [PEN-TEST] NetBIOS Auditing Tool Oliver Friedrichs (Oct 10)
- Re: [PEN-TEST] NetBIOS Auditing Tool Erik Tayler (Oct 10)