On Tue, May 27, 2008 at 4:00 PM,
Sergio Castro <sergio.castro_at_unicin.net> wrote:
>
> What the application does is search the range of IPs you specify,
> and checks if port 5060 is available. Whether open or close,
> port usually 5060 indicates the presence of a SIP device.
> Then it checks if port 80 (http) is open.
Looking through the code, it's a very decent start, and a good idea IMO.
One thing you may want to consider is that SIP generally runs on
UDP/5060.
Your portscan.py script calls both port 80 and 5060 with AF_INET and
SOCK_STREAM which would mean TCP both times.
It may make sense to break the SIP scan out such that it checks for
both UDP and TCP port 5060 (and you may also want to add TCP/5061
to the mix, as SIP/TLS generally uses that port.)
Other than that, like I said, a decent bit of work I think.
Regards,
Jason
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
Received on May 28 2008
Intro
