Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Banner Grabbing

From: "Jamie Riden" <jamie.riden () gmail com>
Date: Fri, 22 Dec 2006 17:16:34 +1300
On 22/12/06, Michael J Condon <mjc001 () jjuno com> wrote:

What steps can be used to prevent "OS Banner Grabbing" by the client? Also,
what is the best method or "attack" to get to a banner on MS and non MS
Operating Systems?


[resend, bounced due to nonsubscribed address]

Banner grabbing: 'telnet victim.example.com <port>' will often get you
a banner. My favourite is 'nmap -sV victim.example.com' which will do
all the work for you.

To prevent banner grabbing, you can alter or hide banners for various
services, but since many exploits are automated and a lot of people
launch attacks blindly, I don't see this as a must-do item. There are
other ways of identifying services other than reading the welcome
banner, and it won't help you if your service is actually vulnerable.

cheers,
Jamie
--
Jamie Riden, CISSP / jamesr () europe com / jamie.riden () gmail com
NZ Honeynet project - http://www.nz-honeynet.org/
Previous By Date Next
Previous By Thread Next

Current thread: