Penetration Testing mailing list archives

Re: [PEN-TEST] your mail


From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Wed, 17 Jan 2001 10:25:11 -0500

one active method you forgot is telnet daemon fingerprinting, and the teso
folks have a nice tool for the job:

http://teso.scene.at/releases/telnetfp_0.1.1.tar.gz

it's active, but it does work pretty well.

passive methods will also work as noted by some people.

i wrote a paper on a low-tech method that works surprisingly well:
        http://www.crimelabs.net/docs/passive.html

(yes, feedback is always welcome, it's still being refined)

some tools listed in the paper that are worth knowing:

siphon -        http://www.subterrain.net/projects/siphon/
p0f -           http://kamtuf.hack.pl/p0f.tgz
passfing -      http://www.enteract.com/~lspitz/passfing.tar.gz

i hope this helps,

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)


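What the passive-fingerprinting tools listed above (siphon, p0f) key on, as an added example that is not code from the original post or from any of those tools: it decodes TTL, the DF bit and the TCP window from a raw IPv4/TCP SYN and matches them against a small signature table. The signature entries and the test packets are constructed for illustration, not taken from any real database; a defender can use the same decoding to see which values their own hosts expose.

```python
import struct

# Illustrative signature table (constructed for this example, not p0f's or
# siphon's real database): (initial TTL, TCP window, DF set) -> OS guess.
SIGNATURES = {
    (64, 5840, True): "Linux 2.4 (illustrative)",
    (128, 16384, True): "Windows 2000 (illustrative)",
    (255, 8760, True): "Solaris 7 (illustrative)",
}

def initial_ttl(observed_ttl):
    """Round an observed TTL up to the nearest common initial value."""
    for start in (32, 64, 128, 255):
        if observed_ttl <= start:
            return start
    return 255

def parse_syn(packet):
    """Return (ttl, df, window) from a raw IPv4+TCP packet, or None if not a SYN."""
    if len(packet) < 40:
        return None
    ihl = (packet[0] & 0x0F) * 4                      # IPv4 header length
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    df = bool(flags_frag & 0x4000)                    # Don't Fragment bit
    ttl = packet[8]
    proto = packet[9]
    if proto != 6 or len(packet) < ihl + 20:          # 6 = TCP
        return None
    tcp = packet[ihl:ihl + 20]
    tcp_flags = tcp[13]
    window = struct.unpack("!H", tcp[14:16])[0]
    if tcp_flags & 0x12 != 0x02:                      # SYN set, ACK clear
        return None
    return ttl, df, window

def fingerprint(packet):
    """Map a SYN's passive fields to an OS guess, or 'unknown' / 'not a SYN'."""
    fields = parse_syn(packet)
    if fields is None:
        return "not a SYN"
    ttl, df, window = fields
    return SIGNATURES.get((initial_ttl(ttl), window, df), "unknown")

def build_syn(ttl, df, window):
    """Constructed test packet: minimal IPv4 header + TCP SYN, checksums zeroed."""
    flags_frag = 0x4000 if df else 0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, flags_frag, ttl, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", 12345, 80, 1, 0, 0x50, 0x02, window, 0, 0)
    return ip + tcp
```
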