Penetration Testing mailing list archives
RE: Identify OS?
From: "Pete Herzog" <lists () isecom org>
Date: Tue, 4 Feb 2003 16:11:01 +0100
Marty, Dru, who runs the Open Protocol Resource Project at http://www.isecom.org/projects/protocolresource.htm is actually interested now in taking the resource a step further and putting together a database of default install protocols for various versions of OSes is looking for help. I think the DB has a lot of potential for pen-testers. Sincerely, -pete. -----Original Message----- From: Martin Wasson [mailto:martin_wasson () mastercard com] Sent: Monday, February 03, 2003 7:45 PM To: Nick Jacobsen Cc: pen-test () securityfocus com Subject: Re: Identify OS? Nick, Here's my two cents. It looks like a commercial version of Unix. My guess is Solaris. The first thing that struck me was port 6112/dtspc. I'm pretty sure that is a subprocess of CDE, so I doubt it's a Linux box. Kevin is right about it not being a cisco box. There is no way it's cisco. Look at port 7937/7938 open. That's Legato Networker 5.5 or later, it only runs on AIX, Solaris, IRIX, HP-UX, Linux, & Tru64. It also runs on windows, but this isn't a windows box. And it doesn't run on cisco. It looks like a honeypot or a dead ringer for a newbie install. When you did an nslookup, did it return "two-dollar-hooker.i-am-so-owned.com." ? I thought so. As was indicated before. Connect to as many ports as you can, and document the versions of the daemons listening from their blathering banners. Good luck. I wonder if someone has already compiled a db containing what versions of popular daemons are included in various releases of *nix. Hope this helps. Marty Wasson Global Information Security MasterCard International (636) 722-2372 martin_wasson () mastercard com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: Identify OS? Martin Wasson (Feb 03)
- Re: Identify OS? Nicob (Feb 04)
- Re: Identify OS? raymond ip (Feb 05)
- RE: Identify OS? Pete Herzog (Feb 05)
- Re: Identify OS? Nicob (Feb 04)