|
Penetration Testing
mailing list archives
Port identification methodology
From: "Erik Norman" <erik.norman () ccnox com>
Date: Mon, 2 Jul 2001 12:13:35 +0200
Hi all,
I have a question regarding methodology while performing a
PT. It concerns identifying programs/services.
Imagine a full nmap scan has been performed. A handfull
of open ports was found on a particular server. The
usual 25, 53, 80 etc are identified, but one or two ports
stand out from the crowd. Looking in various 'common ports'
files does not provide a hint what the port is used for.
Connecting with telnet yields no text, and a tcpdump
dump does not provide any text (in clear anyway).
Now what!???
How should one approach this?
/Erik
--------------------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to
the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
- Port identification methodology Erik Norman (Jul 02)
|
Intro
