Penetration Testing mailing list archives
Re: Banner Grabbing
From: "Jamie Riden" <jamie.riden () gmail com>
Date: Fri, 22 Dec 2006 17:16:34 +1300
On 22/12/06, Michael J Condon <mjc001 () jjuno com> wrote:
What steps can be used to prevent "OS Banner Grabbing" by the client? Also, what is the best method or "attack" to get to a banner on MS and non MS Operating Systems?
[resend, bounced due to nonsubscribed address] Banner grabbing: 'telnet victim.example.com <port>' will often get you a banner. My favourite is 'nmap -sV victim.example.com' which will do all the work for you. To prevent banner grabbing, you can alter or hide banners for various services, but since many exploits are automated and a lot of people launch attacks blindly, I don't see this as a must-do item. There are other ways of identifying services other than reading the welcome banner, and it won't help you if your service is actually vulnerable. cheers, Jamie -- Jamie Riden, CISSP / jamesr () europe com / jamie.riden () gmail com NZ Honeynet project - http://www.nz-honeynet.org/
Current thread:
- PCI Compliance (Vulnerability Scans) 09sparky (Dec 16)
- RE: PCI Compliance (Vulnerability Scans) Erin Carroll (Dec 16)
- <Possible follow-ups>
- Re: RE: PCI Compliance (Vulnerability Scans) 09sparky (Dec 17)
- Re: PCI Compliance (Vulnerability Scans) David M. Zendzian (Dec 17)
- Re: PCI Compliance (Vulnerability Scans) Vivek Chudgar (Dec 19)
- Re: PCI Compliance (Vulnerability Scans) David M. Zendzian (Dec 19)
- Re: PCI Compliance (Vulnerability Scans) bf (Dec 21)
- Re: PCI Compliance (Vulnerability Scans) David M. Zendzian (Dec 21)
- Banner Grabbing Michael J Condon (Dec 21)
- Message not available
- Re: Banner Grabbing Jamie Riden (Dec 21)
- Message not available
- Re: Banner Grabbing Jamie Riden (Dec 21)
- Re: PCI Compliance (Vulnerability Scans) David M. Zendzian (Dec 17)
- Re: Banner Grabbing Dan Catalin Vasile (Dec 22)
- Re: Banner Grabbing sami ghourabi (Dec 22)
- Message not available
- Re: Banner Grabbing sami ghourabi (Dec 26)
- Re: Banner Grabbing Vikas Singhal (Dec 28)
- Re: Banner Grabbing Eric Kollmann (Dec 29)