Penetration Testing mailing list archives

Re: Discovering Live Hosts

From: Dan Catalin Vasile <hardware_cta () yahoo com>
Date: Wed, 8 Aug 2007 01:02:24 -0700 (PDT)

Note: forwarded message attached.



      ____________________________________________________________________________________
Fussy? Opinionated? Impossible to please? Perfect.  Join Yahoo!'s user panel and lay it on us. 
http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7

--- Begin Message --- From: Dan Catalin Vasile <hardware_cta () yahoo com>
Date: Tue, 7 Aug 2007 23:54:57 -0700 (PDT)

--- rajat swarup <rajats () gmail com> wrote:

On 8/8/07, Nikhil Wagholikar <visitnikhil () gmail com>
wrote:


Thanks for your suggestion. However as I said

earlier that "if suppose SMTP is

configured on port 26 instead of traditional port

25, then it would

add a twist to this situation". Hence your

suggested method would

still leave some hosts down. Can you kindly

further granularize your

suggestion?

But it would turn up with port 25 as "closed" which
still shows that
the host is alive.



Or not! The fw can be configured not to respond in
case that a port is closed. In this situation nmap
reports the port as "filtered" and you can't tell if
the host is up. In fact, a live host with no ports
open and with a fw configured to reject icmp can
appear as offline.

-- 
Rajat Swarup

http://rajatswarup.blogspot.com/

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------




       
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469

--- End Message ---

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Re: Discovering Live Hosts, (continued)
- Re: Discovering Live Hosts Jure Krasovic (Aug 07)
  - Re: Discovering Live Hosts Nikhil Wagholikar (Aug 07)
    - Re: Discovering Live Hosts John M. Martinelli (Aug 07)
    - Re: Discovering Live Hosts Vivek P (Aug 08)
    - Re: Discovering Live Hosts Lee Lawson (Aug 08)
- Re: Discovering Live Hosts Alcides (Aug 08)
- Re: Discovering Live Hosts Sat Jagat Singh (Aug 08)
  - Re: Discovering Live Hosts rajat swarup (Aug 08)
    - Re: Discovering Live Hosts Sat Jagat Singh (Aug 08)
- RE: Discovering Live Hosts ragdelaed (Aug 08)
- Re: Discovering Live Hosts Dan Catalin Vasile (Aug 08)
  - Re: Discovering Live Hosts rajat swarup (Aug 08)
  - Re: Discovering Live Hosts Fabrizio (Aug 08)