Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Application-based fingerprinting ?

From: skyper <skyper () segfault net>
Date: Wed, 5 Feb 2003 12:42:43 +0000
On Tue, Feb 04, 2003 at 10:27:06PM +0100, Joris De Donder wrote:



Have there been any attempts to explore this area further?


http://www.thehackerschoice.com/releases.php


the correct url is at http://www.thehackerschoice.com/thc-rut

It currently takes banners from WWW, telnetd, ftp, smtp, snmp
and throws them through a perl-regular expression array.


skyper



"THC-RUT comes with a OS host Fingerprinter which determines the remote
 OS by open/closed port characteristics, banner matching and nmap
 fingerprinting techniques (T1, tcpoptions)."

"Amap is a next-generation scanning tool, it identifies applications
 and services even if they are not listening on the default port by
 creating a bogus-communication."


-- 
PGP: dig @segfault.net skyper axfr|grep TX|cut -f2 -d\"|sort|cut -f2 -d\;

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: