Penetration Testing mailing list archives

RE: Finding PC Anywhere on Client Machines

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 12 Jul 2001 18:45:27 -0400 (EDT)


being that pcanywhere now mimicks the ssh protocol ports, at lest from
what is listed below, finding open port<s>, and even the other ports
listed is not enough evidence, one might actually have to connect to each
port and seek banners.

Thanks,

Ron Dufresne

On Thu, 12 Jul 2001, Michael Katz wrote:

On Thursday, July 12, 2001 6:50 AM, Terry Dunlap wrote:

Short of using ISS or war dialing, does anyone know of other
tools/methods to locate installed versions of PC Anywhere on client
machines?


Terry,

Remotely finding machines on which pcAnywhere has been installed but is not running is difficult. On unsecured 
Windows NT machines, you may be able to enumerate services (including stopped services) to find some that have 
pcAnywhere installed.  Cerberus Internet Scanner will remotely enumerate services on unsecured Windows NT machines.

Remotely finding machines on which pcAnywhere is running should be relatively simple.  Some suggestions:

      - Load up pcAnywhere on a machine connected to the network on which you want to look for machines.  Then select 
Remote Control and Network - this will query the network for machines running pcAnywhere
      - Use your favorite port scanner to check for telltale pcAnywhere ports: TCP:22, 5631, 5632, 65301 and UDP:22, 
5632 for version 8, for example.

Hope that helps.

Michael Katz
mike () responsible com
Responsible Solutions, Ltd.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Finding PC Anywhere on Client Machines Dunlap, Terry J (US - Cincinnati) (Jul 12)
- Re: Finding PC Anywhere on Client Machines Jonathan Rickman (Jul 12)
- RE: Finding PC Anywhere on Client Machines Bryan Allerdice (Jul 12)
  - RE: Finding PC Anywhere on Client Machines Greg (Jul 12)
- RE: Finding PC Anywhere on Client Machines Michael Katz (Jul 12)
  - RE: Finding PC Anywhere on Client Machines R. DuFresne (Jul 12)
- <Possible follow-ups>
- Re: Finding PC Anywhere on Client Machines Jason Sheffield (Jul 12)
- RE: Finding PC Anywhere on Client Machines Jose Desseno ( Infobyte Security Research ) (Jul 16)