Re: Discovering Live Hosts

["Vivek P" <iamherevivek () gmail com>]

Hi John, Nikhil

Whatever u call it, it is to learn about the network! We all are here
for the same purpose of learning no matter what u call it ;-)

Nikhil,this is what i do!

1. scan the n/w for services nmap -0 it for the whole port range
(specify so that nmap is not taking just its favourite) [-p0-9999] if
there is some kind of banner reported it means the host it alive else
dead!
if alive u continue with what u want!

else if they manage to firewall that!

2. run a batch file which calls a c program which sends null value
packet to all ports! (customized code from codeproject.net). If the
stupid machine is alive/dead!

3. I have not got a negetive for these two approaches either of these
have succeeded till date!

ps: there are some honeypots & IPS which fool around it is not for
those brothers, we need to impliment evasive stuff infront of these
methods to eliminate them :-)

i think this might be of some use!
thanx
-------------------------------------------
Vivek P Nair
Vice President Technology
Appin Group Of Companies
Appin Security Group
Module III TBIU
IIT DELHI
Hauz Khaus
New delhi
India
www.appinlabs.com
vivek.p () appinlabs com
+919910924675

We explore... and you call us criminals.
We seek after knowledge... and you call us criminals.
We exist without skin color, without nationality, without religious
bias... and you call us criminals.
You build atomic bombs, you wage wars, you murder, cheat, and lie to
us and try to make us believe it's for our own good, yet we're the
criminals.

Yes, I am a criminal. My crime is that of curiosity.
My crime is that of judging people by what they say and think, not
what they look like.
I am a hacker, and this is my manifesto.
You may stop this individual, but you can't stop us all!
On 8/8/07, John M. Martinelli <john () martinelli com> wrote:
> Since when?
>
> If I'm auditing an intrusion detection system on my LAN, I would
> consider that I'm penetration testing, not performing a vulnerability
> assessment.
>
> Regards,
> John Martinelli
> RedLevel.org Security
>
> On Aug 8, 2007, at 2:04 AM, Nikhil Wagholikar wrote:
>
> > Hello Jure,
> >
> > Performing scans from within target LAN is called Vulnerability
> > Assessment, and doing the same thing from other LAN or outside IP
> > Address/Addresses is called Penetration Testing.
> >
> > I have clearly mentioned that the scenario is applicable for
> > Pen-Testing. Kindly suggest the same answer from Pen-Testing point of
> > view.
> >
> > Thanks for your suggestion. This suggestion will be usefull for
> > Vulnerability Assessors.
> >
> > ---
> > Nikhil Wagholikar
> > Information Security Analyst
> >
> >
> > On 8/8/07, Jure Krasovic <jure.krasovic () lusp com> wrote:
> > > Nikhil Wagholikar pravi:
> > > > Hello List,
> > > >
> > > > I need some suggestions and inputs from all Pen-testers around the
> > > > world on this issue.
> > >
> > > Hello Nikhil,
> > >
> > > if you are on the same LAN as machines you do pentest, you should try
> > > arpping.
> > >
> > > Regards
> > >
> > >       Jure
> >
> > ----------------------------------------------------------------------
> > --
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution FREE today!
> >
> > http://www.cenzic.com/downloads
> > ----------------------------------------------------------------------
> > --
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------