RE: Disovering hosts using UDP services

["TURPIN Marc IT&L@bs" <marc.turpin () aql fr>]

For windows detection you can use DFind

http://heapoverflow.com/f0rums/projects/tools/20-dfind-port-scanner/

Tiny multi-threaded port scanner.


Marc TURPIN
Security Consultant / Consultant Sécurité
Consulting Services, rue de la chataigneraie, BP51766, 35513 CESSON SEVIGNE,
FRANCE
www.orange-business.com

 

-----Message d'origine-----
De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De
la part de Gleb Paharenko
Envoyé : jeudi 4 septembre 2008 21:33
À : pen-test () securityfocus com
Objet : Disovering hosts using UDP services

Dear list.

Often udp port scanning say with nmap -sU -pPort1,Port2,.. does not
give results as UDP services tends do not respond to malformed
packets. At the same time utilities which send good packets getting
results and allows to enumerate hosts on the net.  For example
ike-scan usually give you the VPN endpoints, while nmap will not be
able to do this. Another example - dns server, it will not respond to
nmap UDP packet, but will respond for good dns query.

I'm looking for tools which will allow enumerate
 - dns  53
 - snmp discover 161
 - windows discovery (135,139,138,445,137)
 - ntp discovery 123
 - ms sql 1434


I'm interested on your thoughts about advanced discovery techniques as well.

-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

Attachment: smime.p7s
Description: