Security Basics mailing list archives
Re: Wierd non-http port 80 daemon?
From: Dani Wuck <wuck () chello nl>
Date: Fri, 09 Jan 2004 18:36:54 +0100
Hello Brien, Brien Dieterle wrote:
From Nmap:"Once the TCP connection is made, Nmap just listens for roughly 5 seconds." Would it be worthwhile for some to (try to) hide a naughty service by faking some other service for the first 5 seconds?
I do not understand your question completely.At first, I did not use the -sV option and also, I guessed that nmap said the port was HTTP because it merely knew it was on port 80. Further investigation confirmed the HTTP protocol, used by Kazaa Lite. Do you mean that it could not have been a naughty service, according to the nmap -sV results? That I could've seen that in the first place?
regards, - wuck ---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Wierd non-http port 80 daemon? Dani Wuck (Jan 07)
- Re: Wierd non-http port 80 daemon? Greg Tracy (Jan 07)
- Re: Wierd non-http port 80 daemon? Austin Godber (Jan 08)
- Re: Wierd non-http port 80 daemon? Brien Dieterle (Jan 09)
- Re: Wierd non-http port 80 daemon? Dani Wuck (Jan 09)
- Re: Wierd non-http port 80 daemon? Brien Dieterle (Jan 09)
- Re: Wierd non-http port 80 daemon? Kelly John Rose (Jan 08)
- Re: Wierd non-http port 80 daemon? Thomas Kerbl (Jan 08)
- Re: Wierd non-http port 80 daemon? Francisco Andrades (Jan 09)