Penetration Testing mailing list archives

RE: superscan on win2k vs winxp


From: "Omar A. Herrera" <omar.herrera () oissg org>
Date: Tue, 6 Sep 2005 16:59:48 -0500


Hi,

-----Original Message-----
From: paavan shah [mailto:paavan.shah () gmail com]

I am using SuperScan to scan hosts for possible open ports. But
surprisingly, if I scan from Windows 2000 and from Windows XP with SP2,
the results differ.

When I scan from XP it gives no open ports, and when I scan from
Windows 2000, it gives certain ports open.

Does anyone have any idea regarding this?

If the TCP/IP stack is implemented differently on both operating
systems, then can anyone tell me how I can get TCP/IP stack info on my
XP and 2K machines?

XP SP2 added a nice capability to limit the number of TCP connection
attempts to 10 per second (this would kill any multithreaded scan); besides,
a patch (I think it was MS05-019) blocked the use of raw sockets.

I'm not sure if the last issue would have an impact on SuperScan, but the
first one most probably does. There is a patch around, but I've not tested it.
To be honest, you should try another scanning/testing platform if you can.
XP SP2 and later will restrict "normal" users from doing things they are
not supposed to do, to thwart some kinds of attacks. This of course also
happens to mess with your work as a pentester.

Regards,
Omar Herrera

