Nmap Development mailing list archives
Re: [NSE] metasploit-msgrpc-brute
From: "HD Moore" <hdm () digitaloffense net>
Date: Fri, 29 Jun 2012 15:43:04 -0500
Hi Patrik, We added a minimum delay for repeated authentication attempts to this protocol a few months ago. The 55553 service is normally plain TCP, but the commercial products use 50505 (localhost, plain TCP) proxied over 3790 SSL via the /api URL. The caveat for the commercial products is that user-created passwords are validated for some basic complexity requirements (no repeating characters, repetition of the username, super common words, etc). Neither interface has default usernames or passwords. HTH, -HD _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] metasploit-msgrpc-brute Aleksandar Nikolic (Jun 29)
- Re: [NSE] metasploit-msgrpc-brute Patrik Karlsson (Jun 29)
- <Possible follow-ups>
- Re: [NSE] metasploit-msgrpc-brute HD Moore (Jun 29)
- Re: [NSE] metasploit-msgrpc-brute Patrik Karlsson (Jun 29)
- Re: [NSE] metasploit-msgrpc-brute Aleksandar Nikolic (Jun 29)
- Re: [NSE] metasploit-msgrpc-brute David Fifield (Jun 29)
- Re: [NSE] metasploit-msgrpc-brute Aleksandar Nikolic (Jun 30)
- Re: [NSE] metasploit-msgrpc-brute Patrik Karlsson (Jun 29)