Penetration Testing
mailing list archives
Re: Discovering hosts using UDP services
From: Anders Thulin <anders.thulin () sentor se>
Date: Fri, 05 Sep 2008 07:50:19 +0200
Gleb Paharenko wrote:
> I'm looking for tools which will allow me to enumerate
> - dns 53
> - snmp discover 161
> ... etc.

Doesn't nmap do much of this these days? Just use your own
nmap-service-probes file, and write your own probe packets.
(Use the --datadir option.)

If you don't like that, and there is no ready-made code,
I think the best idea is to take a sound UDP-scanner such as
nbtscan, rip out everything that is netbios oriented, and replace
it with DNS-code, SNMP-code, or even code that can be selected
from the command-line. If I recall, creating a dnsscan out of
nbtscan was one or two hours' work.

Of course, you need to know the protocols. DNS is simple: just send
a status request, and you'll get a response that says 'not implemented'.
SNMP is less easy: you won't get a response unless the server does something
other than what the protocol specification says. Some do, but far from all.

And so on.

--
Anders Thulin anders.thulin () sentor se 070-757 36 10 / Intl. +46 70 757 36 10
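
The DNS status-request exchange described in the message above, as an added example that is not part of the original post: it builds the 12-byte request, classifies a reply, and recognizes the same probe in captured UDP/53 traffic. Function names and the sample reply bytes are constructed for illustration; header layout and code values follow RFC 1035.

```python
import struct

OPCODE_STATUS = 2   # RFC 1035: server status request
RCODE_NOTIMP = 4    # RFC 1035: "Not Implemented"
HEADER = "!HHHHHH"  # id, flags, qdcount, ancount, nscount, arcount

def build_status_request(txid):
    """Bare DNS header: QR=0, OPCODE=STATUS, no question section."""
    return struct.pack(HEADER, txid & 0xFFFF, OPCODE_STATUS << 11, 0, 0, 0, 0)

def parse_header(datagram):
    """Return the DNS header fields, or None if the datagram is too short."""
    if len(datagram) < 12:
        return None
    txid, flags, qd, _an, _ns, _ar = struct.unpack(HEADER, datagram[:12])
    return {"id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
            "rcode": flags & 0xF, "qdcount": qd}

def classify_reply(request, reply):
    """Interpret a UDP/53 datagram received after sending `request`."""
    req, rep = parse_header(request), parse_header(reply)
    if rep is None:
        return "not-dns"
    if rep["qr"] != 1 or rep["id"] != req["id"]:
        return "unrelated"            # not a response to this probe
    if rep["rcode"] == RCODE_NOTIMP:
        return "dns-server (NOTIMP)"  # the answer the post describes
    return "dns-server (rcode %d)" % rep["rcode"]

def is_status_probe(datagram):
    """Detection side: a header-only status request seen on the wire."""
    h = parse_header(datagram)
    return (h is not None and len(datagram) == 12 and h["qr"] == 0
            and h["opcode"] == OPCODE_STATUS and h["qdcount"] == 0)

# Constructed sample replies (not captured traffic):
# flags 0x9004 = QR=1, OPCODE=STATUS, RCODE=NOTIMP
SAMPLE_NOTIMP = struct.pack(HEADER, 0x1234, 0x9004, 0, 0, 0, 0)
SAMPLE_OTHER_ID = struct.pack(HEADER, 0x4321, 0x9004, 0, 0, 0, 0)

if __name__ == "__main__":
    probe = build_status_request(0x1234)
    print(probe.hex(), classify_reply(probe, SAMPLE_NOTIMP))
    print("probe signature matched:", is_status_probe(probe))
```
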