Penetration Testing mailing list archives
RE: superscan on win2k vs winxp
From: "Omar A. Herrera" <omar.herrera () oissg org>
Date: Tue, 6 Sep 2005 16:59:48 -0500
Hi,
-----Original Message----- From: paavan shah [mailto:paavan.shah () gmail com] I am using superscan to scan hosts for possible open ports.But surprsingly ,if i scan it from windows 2000 and windows xp with sp2 the results differ. When i scan from xp it gives no open ports and when i scan from windows 2000,it gives certain ports open. Does anyone have any idea regarding this? If tcp/ip stack is implemented differently on both the opertaing systems then can anyone tell me how i can get tcp/ip stack info on my xp and 2k machine?
XP SP2 added a nice capability to limit the number of tcp connections attempt to 10 per second (this would kill any multithreaded scan), besides, a patch (I think it was MS05-019) blocked the use of raw sockets. I'm not sure if the last issue would have an impact on superscan, but the first one most probably does. There is patch around but I've not tested it. To be honest, you should try another scanning/testing platform if you can. XP SP2 and laters will restrict "normal" users from doing things they are not supposed to to thwart some kind of attacks. This of course happens to also mess with your work as pentester. Regards, Omar Herrera ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- superscan on win2k vs winxp paavan shah (Sep 06)
- RE: superscan on win2k vs winxp Joel A. Folkerts (Sep 07)
- RE: superscan on win2k vs winxp Omar A. Herrera (Sep 07)
- RE: superscan on win2k vs winxp Richard Zaluski (Sep 07)
- RE: superscan on win2k vs winxp Marco Monicelli (Sep 08)
- Re: superscan on win2k vs winxp Fco. Jose Garrido Matamoros (Sep 07)
- Re: superscan on win2k vs winxp Miha Furlan (Sep 07)
- <Possible follow-ups>
- RE: superscan on win2k vs winxp Monroe, Bruce (Sep 07)
- RE: superscan on win2k vs winxp Tait, Calvin (Sep 07)
- RE: superscan on win2k vs winxp Guillaume LAVOIX (Sep 07)
- RE: superscan on win2k vs winxp Andrew Meyers (Sep 08)
- RE: superscan on win2k vs winxp Richard Zaluski (Sep 08)
- RE: superscan on win2k vs winxp Miller, Joseph A (Sep 08)
(Thread continues...)