Penetration Testing: Re: Interesting challenge

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Interesting challenge

From: Paul Johnston <paul () westpoint ltd uk>
Date: Mon, 02 Feb 2004 10:19:24 +0000

Sanjay,

You get a connection using a web browser, so presumably you must atleast get a TCP connection if you use telnet from the same box you usedthe web browser from? However, you don't see any open ports fromNessus/Retina? If you look at the SYN packets sent in these situations,you'll see that SYN scanners tend to use much 'leaner' packets than thekernel generates. Presumably it is possible to filter on this basis, andI notice another poster said OpenBSD could do this. So you may getbetter results if you use a TCP connect() scan, rather than a SYN scan.However, realistically it is more likely that you are doing somethingwrong when running Nessus/Retina, be it using "ping the remote host" orgiving it a domain name that has multiple A records or whatever.


Paul

Sanjay K. Patel wrote:

almost everyone who replied pointed towards icmp. We have tried running the
test with icmp disabled. We still do not get a reply on those ports.

-SKP

--
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul () westpoint ltd uk
web: www.westpoint.ltd.uk



---------------------------------------------------------------------------
----------------------------------------------------------------------------

By Date By Thread

Current thread:

Re: Interesting challenge Paul Johnston (Feb 02)
- <Possible follow-ups>
- RE: Interesting challenge Eric S. Boltz (Feb 02)