Re: [PEN-TEST] X25, all but forgotten?

[Mike Ireton <mike () LIBRITAS COM>]

On Wed, 30 Aug 2000, Vanja Hrustic wrote:
> And those tools are 'extremely private'.
>
> There were heaps of shell/DCL scripts for UNIX and VMS which were also
> called 'batch scanners', since they were fairly dumb - you set the
> 'range', and the scanner just does it, no matter what the responses are,
> or if the network is congested, etc... Those were also running in the
> background, without need for human intervention.

        I wrote the granddaddy of x.25 scanners, and it ran on an Atari
800 with a 300 baud modem. This scanner had a number of important features
- dealing with 'network congestion', banner capture, sub-address range
testing, and a very intelligent command processor designed to deal with
network disconnects and even a limited amount of 'line noise' thru fuzzy
matching.

        Scanning techniques don't ever seem to change much,wether is's ip,
x.25, or modem. Sometimes it still suprises me that it's taken as long as
it has to see the development of scan detection....





--
Mike Ireton
Senior Systems Engineer
Libritas, Inc (Formerly Bay Office Net) - http://www.libritas.com
Voice (510) 740-7700            Where do you want to go today?
                                With Linux, I'm already there...