Penetration Testing mailing list archives
RE: Disovering hosts using UDP services
From: "Alex Eden" <Alex.Eden () senet-int com>
Date: Thu, 4 Sep 2008 17:09:47 -0400
Onesixtyone is pretty fast and accurate... DNSSCAN - I'm trying to compile right now - supposedly it's able to scan whole networks for dns servers... What about amap? It's not very elegant, but works for me. I don't have nmap-generated host file, so I do (in csh) foreach i ("`cat target.hosts.txt`") amap -u $i 53 >> DNS.servers.txt end For hosts input you can use nmap-generated hosts file, but for output would still need to touch a file and append. Amap has "-o" option which is not done right. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gleb Paharenko Sent: Thursday, September 04, 2008 3:33 PM To: pen-test () securityfocus com Subject: Disovering hosts using UDP services Dear list. Often udp port scanning say with nmap -sU -pPort1,Port2,.. does not give results as UDP services tends do not respond to malformed packets. At the same time utilities which send good packets getting results and allows to enumerate hosts on the net. For example ike-scan usually give you the VPN endpoints, while nmap will not be able to do this. Another example - dns server, it will not respond to nmap UDP packet, but will respond for good dns query. I'm looking for tools which will allow enumerate - dns 53 - snmp discover 161 - windows discovery (135,139,138,445,137) - ntp discovery 123 - ms sql 1434 I'm interested on your thoughts about advanced discovery techniques as well. -- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Disovering hosts using UDP services Gleb Paharenko (Sep 04)
- RE: Disovering hosts using UDP services Alex Eden (Sep 04)
- Re: Disovering hosts using UDP services lister (Sep 04)
- RE: Disovering hosts using UDP services Alex Eden (Sep 06)
- Re: Disovering hosts using UDP services Anders Thulin (Sep 06)
- RE: Disovering hosts using UDP services TURPIN Marc IT&L@bs (Sep 06)
- Re: Disovering hosts using UDP services Nikhil Wagholikar (Sep 08)
- Re: Disovering hosts using UDP services Martin Zember (Sep 07)
- <Possible follow-ups>
- Re: RE: Disovering hosts using UDP services publists (Sep 04)