RE: Finding PC Anywhere on Client Machines

["Greg" <greg () hoobie net>]

Bear in mind that many older (berfore 9.x I think) versions of PCAnywhere
will hang after a port scan. I have come across this very annoying problem
in several jobs. The TCP connection (or even a SYN) to 5631/tcp appears to
hang the PCAnywhere service requiring a service restart, if you have a
feeling that PCAnywhere is there then either use a UDP scan (port 5632 I
think) or connect manually to 5631/tcp and send a carriage return before you
disconnect.

regards

Greg

-----Original Message-----
From: Bryan Allerdice [mailto:bryan_allerdice () yahoo com]
Sent: 12 July 2001 20:59
To: Dunlap, Terry J (US - Cincinnati); pen-test () securityfocus com
Subject: RE: Finding PC Anywhere on Client Machines


I'd use a simple port scanner rather than full blown ISS Internet Scanner,
and target only the common ports used by pcAnywhere.

Ports: 5631 (TCP/UDP), 5632 (TCP/UDP)

Sure, It's still scanning, which is what you'd be doing with ISS Internet
Scanner, but you can get nice, small, free port scanner of the net quite
easily.

BRYAN

-----Original Message-----
From: Dunlap, Terry J (US - Cincinnati) [mailto:tdunlap () deloitte com]
Sent: Thursday, July 12, 2001 9:50 AM
To: 'pen-test () securityfocus com'
Subject: Finding PC Anywhere on Client Machines



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Short of using ISS or war dialing, does anyone know of other
tools/methods to locate installed versions of PC Anywhere on client
machines?

Thanks in advance for your replies!

Terry Dunlap, MCSE, MCP, Network+, A+
Secure e-Business Consultant
- ----------------------------------------
Deloitte & Touche
250 East Fifth Street
Suite 1900
Cincinnati, Ohio 45201
(513) 784-7102

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO02rbAyPQhKwR6xfEQK4+gCg8zuUz8J9u55l2wFoDaEbpAJ5tS4An14H
7trjBqH656GcUhKmyHsX2gH/
=jZoI
-----END PGP SIGNATURE-----
- This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law.  -
If you are not the intended recipient, you should delete this message and
are hereby notified that any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly prohibited.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

 _________________________________________________________ Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/




----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/