nanog mailing list archives

Re: sniffer/promisc detector


From: "Alexei Roudnev" <alex () relcom net>
Date: Wed, 21 Jan 2004 23:32:59 -0800


I saw such scanners 6 years ago (amazingly, they could not determine very
old OS and very old services...).
But, just again, no one uses it in automated scans over the Internet. As I
was saying, port camouflaging works as a very first line of defense - it
cuts 99% of all attacks and allows you to deal with the remaining 1%.

I'll measure time tomorrow... Such tools are usually very slow (and lose
20 - 50% of all packets, so to have a reliable result, you must scan the host
2 - 4 times).


----- Original Message ----- 
From: "Crist Clark" <crist.clark () globalstar com>
To: "Alexei Roudnev" <alex () relcom net>
Cc: "Ruben van der Leij" <ruben-nanog () nutz nl>; <nanog () merit edu>
Sent: Wednesday, January 21, 2004 11:26 AM
Subject: Re: sniffer/promisc detector


Alexei Roudnev wrote:

> Please, do it:
>
> time nmap -p 0-65535 $target
>
> You will be surprised (and nmap will not report applications; to test a
> response, multiply time by 5).

Yes. It will,

  http://www.insecure.org/nmap/versionscan.html

-- 
Crist J. Clark                               crist.clark () globalstar com
Globalstar Communications                                (408) 933-4387

