Penetration Testing mailing list archives
Re: [PEN-TEST] your mail
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Wed, 17 Jan 2001 10:25:11 -0500
one active method you forgot is telnet daemon fingerprinting, and the teso folks have a nice tool for the job:

http://teso.scene.at/releases/telnetfp_0.1.1.tar.gz

it's active but it does work pretty well.

passive methods will also work as noted by some people. i wrote a paper on a low-tech method that works surprisingly well:

http://www.crimelabs.net/docs/passive.html

(yes, feedback is always welcome, it's still being refined)

some tools listed in the paper that are worth knowing:

    siphon   - http://www.subterrain.net/projects/siphon/
    p0f      - http://kamtuf.hack.pl/p0f.tgz
    passfing - http://www.enteract.com/~lspitz/passfing.tar.gz

i hope this helps,

____________________________
jose nazario                                    jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)