Penetration Testing mailing list archives
RE: Nikto open ports
From: "Shenk, Jerry A" <jshenk () decommunications com>
Date: Tue, 7 Nov 2006 17:34:40 -0500
That would be a pretty easy thing to test. Put a sniffer between your testing machine and the tested machine and capture all the data going through. It should be very easy to see if sessions are being closed by the client (testing machine) or not. I know that I've never experienced the problem you're seeing but, perhaps I just didn't notice it. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of noa () imperva com Sent: Tuesday, November 07, 2006 6:14 AM To: pen-test () securityfocus com Subject: Nikto open ports Hi, I used nikto to test a specific open port on a server. I ran the exact same test mutliple consecutive times, starting the next test immediately after the current one ended. I saw that after a few tests, nikto replied that there was no HTTP port on that server... A closer look revealed that the previous nikto test left the ports open so I'm guessing that the server stops responding because of too many open ports. Has anyone encountered this behavior? Do you know whether nikto does not in fact properly close all connections? Thank you, Noa ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016 00000008bOW ------------------------------------------------------------------------ **DISCLAIMER This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Nikto open ports noa (Nov 07)
- Re: Nikto open ports Alberto CorsÃn Lafuente (Nov 07)
- <Possible follow-ups>
- RE: Nikto open ports Shenk, Jerry A (Nov 07)
- Re: RE: Nikto open ports noa (Nov 09)
- Re: Nikto open ports Radu Oprisan (Nov 13)