Penetration Testing mailing list archives
Re: new NMAP re-tool(ing)
From: "Don Parker" <dparker () rigelksecurity com>
Date: Mon, 5 Jul 2004 19:20:07 -0400 (EDT)
On a sidenote; I would not blindly rely on the output of nmap to give you the answers. You should always check the actual packets themselves. That infers though that one has the requisite knowledge of TCP/IP itself so as to interpret what you are getting back. Not only that but also to watch what nmap itself is also sending out. One should never solely rely on a tool's output. It should always be verified. Nmap is not the end all be all of scanners. With a little knowledge of TCP/IP and say hping or nemesis one can get excellent results as well.

Cheers,
Don

-------------------------------------------
Don Parker, GCIA
Intrusion Detection Specialist
Rigel Kent Security & Advisory Services Inc
www.rigelksecurity.com
ph :613.233.HACK
fax:613.233.1788
toll: 1-877-777-H8CK
--------------------------------------------

On Jul 5, Martin Mačok <martin.macok () underground cz> wrote:

On Mon, Jul 05, 2004 at 02:28:54AM -0700, Tyler Durden wrote:
Version numbers by banner grabbing and such?
JFYI, Nmap has "version scanning" since version 3.40. It is implemented by different protocol probing and pattern matching of eventual replies. It recognizes something around a thousand different services by now (and BTW, new release is about to come hopefully later on this week).

For more, see http://www.insecure.org/nmap/versionscan.html

(Sorry if your question was not about Nmap itself but nwrap.pl ...)

Martin Mačok
IT Security Consultant
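The probe-and-match idea described in the quoted reply above, as an added example that is not part of the original thread and is not Nmap's code. The rule syntax is a simplified assumption, and the rules and sample replies are constructed.

```python
import re

# Constructed rules in a simplified "match" syntax (assumed, not Nmap's data).
# m|...| is the reply pattern; p/ v/ i/ are product, version, info templates.
RULES = r"""
match ssh m|^SSH-([\d.]+)-OpenSSH[_-](\S+)| p/OpenSSH/ v/$2/ i/protocol $1/
match ftp m|^220[ -].*\(vsFTPd ([\d.]+)\)| p/vsftpd/ v/$1/
match smtp m|^220 (\S+) ESMTP Postfix| p/Postfix smtpd/ i/host $1/
"""

RULE_RE = re.compile(r"^match (\S+) m\|(.*?)\|\s*(.*)$")
FIELD_RE = re.compile(r"([pvi])/([^/]*)/")
NAMES = {"p": "product", "v": "version", "i": "info"}

def parse_rules(text):
    """Turn rule lines into (service, compiled pattern, templates) tuples."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            service, pattern, rest = m.groups()
            rules.append((service, re.compile(pattern), dict(FIELD_RE.findall(rest))))
    return rules

def identify(reply, rules):
    """Return the first matching rule's fields, or None if nothing matches."""
    for service, regex, templates in rules:
        hit = regex.search(reply)
        if hit is None:
            continue
        # Replace $N in each template with capture group N of the reply.
        fill = lambda t: re.sub(r"\$(\d)", lambda g: hit.group(int(g.group(1))), t)
        result = {"service": service, "raw": reply}  # keep the reply for manual checking
        for key, name in NAMES.items():
            result[name] = fill(templates.get(key, ""))
        return result
    return None

# Constructed sample replies, as a service might send on connect.
SAMPLES = ["SSH-2.0-OpenSSH_3.8.1p1\r\n", "220 (vsFTPd 1.2.1)\r\n",
           "220 mail.example.test ESMTP Postfix\r\n", "220 Service ready\r\n"]

if __name__ == "__main__":
    rules = parse_rules(RULES)
    for sample in SAMPLES:
        print(repr(sample), "->", identify(sample, rules))
```

A match only reflects the text the service chose to send, so the result keeps the raw reply alongside the parsed fields for checking against the captured packets.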