I forgot to mention that there is an NTP exchange and an ARP request
in the pcap data, too.
On 3/27/07, DePriest, Jason R. <jrdepriest_at_gmail.com> wrote:
> On 3/27/07, Brandon Enright wrote:
> > DePriest, Jason R. wrote:
> > > I can give you detailed results from an nbtscan and a packet capture
> > > of the traffic.
> > >
> > > Would that be sufficient to help out?
> > >
> > > -Jason
> > >
> >
> > If you have a case where nbtscan was able to determine the remote user
> > that was logged in that ouput and packet capture would be most useful.
> > I suppose I could look at the nbtscan source code but I'd hate to run
> > into odd legal/licensing problems in doing so.
> >
> > Brandon
> >
> >
>
> It looked like nbtstat provided more verbosity for the end-user, so I
> used it instead.
>
> Nbtstat actually shows you the raw data received minus the tcp and
> ethernet layer stuff.
>
> I am including the full packet capture data from a tshark dump as well.
>
> See the attachment for the pcap and txt files with the data.
>
> -Jason
>
>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Mar 27 2007
Intro
