Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: nessus exceptions

From: "Marc Heuse" <marc.heuse () nruns com>
Date: Wed, 4 Aug 2004 09:35:17 +0200
Hi chris, 

using a fake ftp server which emulates anonymous ftp and logging all the
requests should do the trick.
ISS, Nessus, and all other scanners use a password for the anonymous login
which is unique.
e.g. Nessus uses "nessus@" as anonymous password, ISS "-iss@iss", even old
satan :-) uses "-satan@"
you can identify even webbrowsers and other security tools like amap/nmap
etc.

You can use honeyd (www.honeyd.org) for this.

Greets,
Marc

====================================================================
Marc Heuse
n.runs GmbH
Mobile Phone: +49-160-98925941
Key fingerprint = AE3F CDC0 8C7B 8797 BEAC  4BF8 EC8F E64B 0A84 EA10
====================================================================

-----Original Message-----
From: Chris Griffin [mailto:cgriffin () dcmindiana com] 
Sent: 02 August 2004 20:58
To: pen-test () securityfocus com
Subject: nessus exceptions

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi list,
Im trying to find some good holes, that aren't major security issues,
that i can create on a machine to see if our testing company really
uses anything other than nessus.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBDo7EeFLbG0PZdVwRAmaSAJ9gHU7w6vbI9DGKWa7xmUQ31qKSBQCgpcpq
cC69CeYr16OsfuYu6u1oe8U=
=bGZi
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: